A recent report by Cisco shows frightening statistics that threaten to damage IT security as we know it.
The report found:
- 70% of young employees frequently ignore IT policies
- Two-thirds of young employees believe their companies policies need to be changed
- 61% said corporate IT security isn’t their responsibility, and that it should be that of their employer or the maker of their devices
This ‘casual’ attitude towards IT security may be a contributing factor to the fact that one in four people asked have been a victim of identity theft before the age of 30.
“The desire for on-demand access to information is so ingrained in the incoming generation of employees that many young professionals take extreme measures to access the Internet, even if it compromises their company or their own security,” the report said.
And when asked why 70% of young employees ignore IT policies, the reasons given were:
- They didn’t think they were doing anything wrong
- They needed to do it to get there job done
- They didn’t have time to think about policies while they were working
- The policies weren’t inforced in the first place
- Adhering to the policies was not convenient
This attitude towards IT security needs to change amongst young people, otherwise their employers could be in serious trouble. Leaving networks vulnerable to attacks could cause your system to be infiltrated by hackers, with the risk of losing sensitive data and suffering a data breach.
To ensure that all your employees are up to scratch on what, and what not to do on the Internet, take an Information Security Staff Awareness e-Learning Course.
This Information Security course recognises that information security awareness starts at home and then aims to help employees understand the organization’s information and compliance risks, thereby reducing the organization’s liability due to security failures. The course not only familiarises the learners with the basics of information security, including security threats via emails, the Internet and at the workplace, but also introduces the learners to the policies on incident reporting and responses. Having completed the 40-minute course, students can take a 20-question multiple-choice test.
This Information Security Staff Awareness course, which includes an online certificated test, is squarely based on the detailed guidance of ISO27002 and covers the following areas:.
- What has Information Security got to do with you?
- Where does your organisation fit in?
- Definitions: what is Information Security?
- Could this happen to you? (Scenarios and follow up questions).
- Information Security at home – potential weaknesses (Passwords, Phishing, Web 2.0, USB sticks, Sat Nat)
- Information Security at work
- Secure perimeters
- Clear desk and screen
- Portable media
- Information classification
- Intellectual property
- Security incidents
- Business continuity
- Important documentation, with links to key policies and procedures