The IT staffing firm, Robert Half Technology, recently surveyed over 2,000 chief information officers from across the U.S. about their cyber security plans for 2015. A majority of the CIOs are planning to improve the security of their information in the next year and plan to use several methods to do so.
Topping the list of security strategies is enhanced employee education, with 54 percent of the CIOs reporting their intention to increase training. Other popular strategies include closer scrutiny of firms that have access to company data (45 percent), and hiring additional IT staff members who specialize in security issues (41 percent).
Although a comprehensive approach to system security requires that organizations tackle the issue from multiple fronts, this survey shows a clear focus on employee-centered strategies.
IT experts suggest organizations look for specific skills when hiring system security staff. Quality candidates should have security certifications as well as evidence of how those have contributed to their success. They should be focused on establishing a culture of security within the organization and possess the strong communication skills necessary to effectively implement security measures at all levels of the organization. “Survey: Employee training top priority for CIOs in protecting company information,” www.centralvalleybusinesstimes.com (Feb. 13, 2015).
A report released by Symantec and the Ponemon Institute found that two-thirds of the data breaches in 2012 were caused by human error and system glitches.
Education and training is the best offense against human error. The more loss prevention education and training an organization can provide to its employees and contractors, the lower the security risk to the organization. This simple formula holds true for sexual harassment, and it holds true for cyber risks as well.
This is why IT executives are making employee-driven security measures a top priority this year.
Keeping employees up-to-date on the latest risks, and accountable for their actions, will help to decrease human error. This site provides consistent education on cyber security issues. Please use this education for yourself, but also for your employees.