IT security culture must start from the top

Published: 24 September 2004 y., Friday
Senior executives need to help companies build an IT security-conscious culture from the top down, according to new research by Ernst & Young. Respondents to its Global Information Security Survey 2004 named lack of security awareness by users as the top obstacle to information security. But only 28 per cent of them listed raising employee information security awareness as a top initiative in 2004. "I think the issue of security awareness has been delegated or abdicated to technical professionals some levels down in organisations," said Jan Babiak, managing partner of Ernst & Young's information security services in the UK. Ernst & Young advised that companies should place more emphasis on creating a security-conscious culture that includes setting the right 'tone at the top'. But only one in five companies saw it as a chief executive-level priority. Nearly two thirds of those surveyed did not have a chief information security officer, although more than half (53 per cent) of companies with revenues over over a $1bn a year did. Viruses and Trojans are still rated the biggest threat overall, but employee misconduct was considered the second biggest threat. Theft of proprietary information was rated the lowest threat.
Šaltinis: vnunet.com
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.

Facebook Comments

New comment


Captcha

Associated articles

Online gambling - a roll of the unregulated dice?

A number of MEPs urged Internal Market Commissioner Michel Barnier to come up with common rules to regulate cross border online gambling in Europe. more »

A safer and more social internet? (910)

Think before you post as once you do it is online forever. That was the message on Safer Internet Day marked on 9 February by a seminar in the European Parliament. more »

European Commission calls on social networking companies to improve child safety policies

50% of European teenagers give out personal information on the web – according to an EU study – which can remain online forever and can be seen by anybody. more »

ICSA Labs Is First Security-Product Testing Organization to Earn Key Accreditation

ICSA Labs, an independent division of Verizon Business, is the first independent security-product testing and certification laboratory to earn ISO/IEC 17025 accreditation, validating the laboratory's world-class capabilities. more »

“.eu” internet domain now available in all EU languages

From today, European citizens, businesses and organisations can register .eu website names using characters from all 23 official languages of the European Union. more »

70% of ringtone-scam websites corrected or closed following EU probe

Authorities investigated 301 mobile phone services websites in follow-up to EU crackdown on misleading consumer practices. more »

Telecoms Package: internet access safeguarded

After nearly 2 years of legislative work the Telecom Package is due to be put to a final vote in Parliament on 24 November in Strasbourg. more »

Hackers indicted in $9.4 million ATM heist

The Christian Science Monitor reports that three men have been named as being the masterminds behind the hacking of RBS WorldPay, a subsidiary of the Royal Bank of Scotland. more »

BAI RD: Industry consultant says ATMs remain critical for FIs

BAI’s Banking Strategies Insights reports that banks must get serious about improving their ATMs, especially in the area of envelope-free deposit. more »