Companies need better IT training to boost security
Wednesday, April 29, 2009
U.S. companies have been improving the policies that govern their network security with a more comprehensive approach to risk management and compliance, according to the latest annual IT security analysis from the Computing Technology Industry Association (CompTIA).
Although the number of security breaches reported in 2008 did not rise significantly from 2007, CompTIA reported greater severity of those breaches, as cybercriminals have adopted more sophisticated and evolving attacks.
Today's security risks - most frequently in the form of viruses, spam and spyware - are not stagnant. Looking forward, U.S. respondents believe that human error, phishing, social engineering, identity theft, spoofing and viruses will be the most difficult issues, CompTIA reported.
Written IT security policies are growing more comprehensive, as about 87 percent now cover mobile employees and nearly 75 percent cover mobile devices such as PDAs.
CompTIA's report said further IT training and certification will be necessary to combat security breaches caused by human error, the top reason breaches occur.
"The top reason for human-error based security breaches in the U.S. is the failure of staff to follow security procedures, demonstrating a need for further employee training and deeper knowledge of technology functions," the report said.
Related News:
Gmail security concerns provoke moves toward strict measures - 1.18.2010
After an attack by Chinese cyber criminals penetrated the network security and email systems of U.S. corporations and Chinese human rights activists living abroad, Gmail was quick to announce that it would bolster its security by making HTTPS access the default method.
Security flaw in IE used to target U.S. firms in cyber attack - 1.15.2010
Microsoft announced yesterday that the cyber criminals who launched a large-scale assault on network security at multiple American firms did so via a vulnerability in the company's Internet Explorer browser software.
Cyber attacks prompt probable Google withdrawal from China - 1.14.2010
An attempt to crack the email security protecting the accounts of several human rights activists in China and elsewhere has caused search giant Google to end its cooperative relationship with the Chinese government, and, experts say, probably cease operations in China altogether.
Spam sticks around because it works: Report - 12.29.2009
Although anti-spam utilities have grown more sophisticated and email users have grown more savvy, email spam shows no signs of slowing down, according to the St. Louis Post-Dispatch.
FBI: Law firms and PR agencies high on hacker target lists - 11.18.2009
Using complex email scams, cyber criminals are increasingly targeting sensitive information held by law firms and public relations companies, according to an FBI advisory released earlier this month.
|
