Human error tops the list of security threats

When it comes to security, human threats score much higher than those posed by technology. So says a new survey by consulting firm Deloitte of more than 100 technology, media and telecommunications companies worldwide.

Seventy-five per cent of companies listed human error as the leading cause of security failures such as breakdowns and systems outages. Forty-eight per cent also cited operations and technology lapses as key causes of security failures. Problems resulting from third parties such as contractors and business partners, meanwhile, received 28 per cent of the votes as a root cause of security failures.

Misbehaving employees also figure prominently in IT fears: Ninety-one percent of respondents say the risk of employee misconduct related to information systems worries them.

Another security worry is many line-of-business executives’ tendency to see information security as solely IT’s problem, Deloitte says. Forty per cent of surveyed companies give IT the primary responsibility for information security, and 45 per cent say top management is informed about security issues only on an ad hoc basis. And although 62 per cent say security is a key imperative at the board or executive level, that number is low, says Deloitte, since security should be top strategic priority for every TMT company.

To mitigate these security threats, Deloitte recommends that security goals be integrated into business strategies and plans. Measuring ROI on security efforts and providing thorough and ongoing security training to all levels of the organization are also key, Deloitte advises. Training can educate employees on how to deal with the latest security threats and can serve as a reminder to stay vigilant.

“The technology, media and entertainment and telecommunications industries are still in a reactive mode when it comes to their approach to security,” said Rena Mears, Deloitte’s global and U.S. privacy and data protection leader, in a press release. “A prerequisite for effective information security is the implementation of a proactive information security strategy that is closely linked to the company’s overall business strategy, business requirements, and key business drivers.”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

CDN Staff
CDN Staffhttps://channeldailynews.com
For over 25 years, CDN has been the voice of the IT channel community in Canada. Today through our digital magazine, e-mail newsletter, video reports, events and social media platforms, we provide channel partners with the information they need to grow their business.

Related Tech News

Featured Tech Jobs

 

CDN in your inbox

CDN delivers a critical analysis of the competitive landscape detailing both the challenges and opportunities facing solution providers. CDN's email newsletter details the most important news and commentary from the channel.