Education, education, education – when it comes to IT security

Tuesday August 7, 2012 at 10:00am

Cyber crime seems to be constantly in the headlines. What with MI5 warnings of cyber attacks a few weeks ago and the Commons Select Committee report on intelligence and security suggesting we need to ramp up our active defence strategy, you might be forgiven for thinking that the challenges your business faces in fighting cyber crime are insurmountable.

Not so. It seems GCHQ and the intelligence services believe that 80 per cent of all cyber threats are easily eliminated by everyone following a few simple rules:  

  1. Keep security software updated 
  2. Do not open suspicious emails
  3. Be careful with the use of memory sticks 
  4. At a corporate or institutional level, monitor the network traffic going in and out of a system

Given our recent blog on the subject, we might add: create more secure passwords.

At the heart of this approach is education, for company Boards, managers and all employees. If all understand the threat and its implications, they will often adopt the appropriate behaviour. And if they don’t, there are international standards like ISO27001 you can follow to help address the issues.

The benefit of something like the ISO27001 standard for businesses concerned about cyber crime and information security management is that it provides a straightforward framework to work to, which helps you identify and manage the risks relevant to your business. By applying ISO27001 within any organisation, employee knowledge of the importance of data security will be enhanced, and opportunities for security breaches will diminish through the application of sound security policies and controls.

It’s not easy to get people interested in IT security. The great majority of computer users either do not grasp IT and data security or find it a mind-numbing subject. I’ll continue on my quest to help businesses tackle the problem and eliminate not just the 80 per cent of security threats, but try to tackle the other 20 per cent too.

Marcus Allen
ISO 27001 Information Security Management Consultant


Parker Management Consultants, 1st floor, Dominion Court, 43, Station Road, Solihull, B91 3RT