Lack Of End User Training Growing Threat To IT Security, According To CompTIA Study

While information security remains a top priority for eight in 10 IT professionals surveyed, many companies seem to be underestimating one of the most significant IT security threats -- end user error.

According to CompTIA’s 7th Annual Trends in Information Security survey, human error is the primary cause of the most severe security breaches, yet significantly fewer organizations (45 percent) provided security training for their non-IT staff in 2008 compared to 53 percent in 2007. The results of study will be released and presented at the FOSE tradeshow in Washington D.C.

“Fueled in part by the rapid adoption of portable hardware like laptops, flash drives and smart phones, and by distributed information technologies like crowd sourcing, social networks, virtualization and cloud storage, end users are exposed to new IT security threats every day,” said Tim Herbert, vice president of research at CompTIA. “Security threats grow along with the expanding reach of IT so non-IT employees need to be continually trained on the latest IT security threats.”

Terry Erdle, senior vice president of Skills Certification for CompTIA will presented the details of the study Tuesday at FOSE.

“Unintentional security breaches by non-IT staff cost companies thousands of dollars in lost productivity and business downtime,” Erdle said. “This demonstrates a need for more employee trainings and deeper knowledge of technology functions.”

The complete study can be found at

  • Environmental Protection
  • Occupational Health & Safety
  • Infrastructure Solutions Group
  • Spaces4Learning
  • Campus Security & Life Safety