Training reduces internal security threats

Users who receive adequate training in what constitutes a corporate security threat and how their actions put corporate networks at risk are more likely to take the necessary precautions. But relatively few companies offer such training to their users; according to a report from the Computing Technology Industry Association, only 36 percent offer security training awareness to their end users and only 29 percent required security training for IT staff. But IT managers are getting the message, placing a new emphasis on training. That includes posting information on the organization's Intranet, putting posters and flyers in breakrooms and talking about security during IT department meetings. In addition, vendors like Symantec and Foundstone offer comprehensive security training packages, such as Web-based courses. These courses can provide customized content that dovetails with existing company policies and procedures.

Read more about reducing internal security threats:
- read the article at TechTarget
- and this article from ComputerWorld

ALSO:
- read this on the security enemy within
- and this on avoiding insider attacks