Implementing a culture of data security awareness requires persistence and the right tools
/EINPresswire.com/ Statistics show that a large percent of data breaches are the result of internal failures and lack of awareness, rather than the result of external theft. For many organisations staff are the weakest security link and, only systematic, ongoing training will overcome this weakness.
The most recent 2012 data protection survey, undertaken by the Irish Computer Society (ICS), confirms these statistics for Irish companies. It is likely that a similar picture can be painted for the rest of Europe. According to the survey 58% of the breaches, which the interviewed Irish companies suffered, were caused by a staff member, proportionally more a result of internal failure and lack of awareness, rather than from external data theft. 34% rated their companies as placing too low a priority on Data Protection, while 28% believed that the greatest threat to an organisation's assets come from negligent employees.
The new data protection (DP) regulations, announced earlier in January 2012, are due to take effect across Europe in early 2014. This means that European organisations have less than two years to prepare for meeting the requirements. Staff training will be a major issue and given the time it takes to educate people, organisations should start the process early on. E-learning is one of the favourite approaches to training non-technical staff, because it is convenient and cost-effective: www.itgovernance.co.uk/itg-elearning.aspx
Alan Calder, CEO of IT Governance, says, "While organisations have recognised that using appropriate technology to protect data is important, they still need to get to grips with understanding and adopting an integrated approach to data protection and information security. Such approach involves both technology and people. It doesn't matter how much money you spend on software applications if your employees undermine your efforts, consciously or unconsciously."
"Data protection and cyber security issues need to be addressed at the employee entrance level. A firm's foundation is built on the employees ability to understand the implications of his or her actions and be mindful of these in their daily activities. The education of staff must be continuous, measured and improved upon." adds Calder.
The IT Governance e-learning courses have already been embraced by clients as an effective tool for educating users and for meeting compliance requirements. They are designed to increase employees' awareness of the relevant Standards requirements and thereby reduce the organisation's liability due to security failures.
The available e-learning courses are:
• Information Security Staff Awareness e-learning course: www.itgovernance.co.uk/products/305
• Information Security & ISO27001 Staff Awareness e-learning course: www.itgovernance.co.uk/products/3338
• DPA Staff Awareness e-learning course: www.itgovernance.co.uk/products/3392
• PCI DSS Staff Awareness e-learning course: www.itgovernance.co.uk/products/1821
One year user licences can be purchased one-at-a-time for just £45 each or in bulk at discounted prices: www.itgovernance.co.uk/itg-elearning.aspx .
For larger numbers of users, a customisable version of the course is available which enables clients to closely tie the e-learning content to their own procedures and culture. You can e-mail IT Governance at servicecentre@itgovernance.co.uk or telephone + 44 845 070 1750 to find out more.
- Ends -
FOR FURTHER INFORMATION
Desi Aleksandrova Marketing Executive
+44 (0) 845 070 1750
daleksandrova@itgovernance.co.uk
NOTES TO EDITORS
IT Governance Ltd is the one-stop shop for books, tools, training and consultancy for Governance, Risk Management and Compliance. It is a leading authority on data security and IT governance for business and the public sector. IT Governance is 'non-geek', approaching IT issues from a non-technology background and talking to management in its own language. Its customer base spans Europe, the Americas, the Middle East and Asia. More information is available at www.itgovernance.co.uk.
The most recent 2012 data protection survey, undertaken by the Irish Computer Society (ICS), confirms these statistics for Irish companies. It is likely that a similar picture can be painted for the rest of Europe. According to the survey 58% of the breaches, which the interviewed Irish companies suffered, were caused by a staff member, proportionally more a result of internal failure and lack of awareness, rather than from external data theft. 34% rated their companies as placing too low a priority on Data Protection, while 28% believed that the greatest threat to an organisation's assets come from negligent employees.
The new data protection (DP) regulations, announced earlier in January 2012, are due to take effect across Europe in early 2014. This means that European organisations have less than two years to prepare for meeting the requirements. Staff training will be a major issue and given the time it takes to educate people, organisations should start the process early on. E-learning is one of the favourite approaches to training non-technical staff, because it is convenient and cost-effective: www.itgovernance.co.uk/itg-elearning.aspx
Alan Calder, CEO of IT Governance, says, "While organisations have recognised that using appropriate technology to protect data is important, they still need to get to grips with understanding and adopting an integrated approach to data protection and information security. Such approach involves both technology and people. It doesn't matter how much money you spend on software applications if your employees undermine your efforts, consciously or unconsciously."
"Data protection and cyber security issues need to be addressed at the employee entrance level. A firm's foundation is built on the employees ability to understand the implications of his or her actions and be mindful of these in their daily activities. The education of staff must be continuous, measured and improved upon." adds Calder.
The IT Governance e-learning courses have already been embraced by clients as an effective tool for educating users and for meeting compliance requirements. They are designed to increase employees' awareness of the relevant Standards requirements and thereby reduce the organisation's liability due to security failures.
The available e-learning courses are:
• Information Security Staff Awareness e-learning course: www.itgovernance.co.uk/products/305
• Information Security & ISO27001 Staff Awareness e-learning course: www.itgovernance.co.uk/products/3338
• DPA Staff Awareness e-learning course: www.itgovernance.co.uk/products/3392
• PCI DSS Staff Awareness e-learning course: www.itgovernance.co.uk/products/1821
One year user licences can be purchased one-at-a-time for just £45 each or in bulk at discounted prices: www.itgovernance.co.uk/itg-elearning.aspx .
For larger numbers of users, a customisable version of the course is available which enables clients to closely tie the e-learning content to their own procedures and culture. You can e-mail IT Governance at servicecentre@itgovernance.co.uk or telephone + 44 845 070 1750 to find out more.
- Ends -
FOR FURTHER INFORMATION
Desi Aleksandrova Marketing Executive
+44 (0) 845 070 1750
daleksandrova@itgovernance.co.uk
NOTES TO EDITORS
IT Governance Ltd is the one-stop shop for books, tools, training and consultancy for Governance, Risk Management and Compliance. It is a leading authority on data security and IT governance for business and the public sector. IT Governance is 'non-geek', approaching IT issues from a non-technology background and talking to management in its own language. Its customer base spans Europe, the Americas, the Middle East and Asia. More information is available at www.itgovernance.co.uk.
Legal Disclaimer:
EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.