The Importance of Employee Security Training
- By Matt Holden
- Jul 10, 2014
The ability for companies and organizations to effectively train their employees on the importance of security was recently brought to light after Security Innovation announced the acquisition of Safelight, a firm that specializes in information security and developer training.
Security Innovation has been trying to develop a strategy to educate software teams and staff on critical security topics and allow them to succeed in their security goals. In the statement Charles Kolodgy, research VP at IDC, said that “low security awareness among employees is an inhibitor to security. This has been represented in IDC surveys that point out concerns about employees not following security policy is the top security challenge facing organizations.”
Research from The Ponemon Institute shows that despite the billions of dollars spent on security products, a lack of security education continues to put organizations at risk. In order to create real change and turn a liability into an asset, the following steps must be taken:
- Proper software training;
- Continuous and compelling reinforcement;
- Maximize knowledge retention; and
- Drive behavior change.
Using these tips, the emphasis can be put on employee training as opposed to the software. This focus will allow organizations to retain employees who value security and help to actively maintain a high level of consistency.
Matt Holden is an Associate Content Editor for 1105 Media, Inc. He received his MFA and BA in journalism from Ball State University in Muncie, Indiana. He currently writes and edits for Occupational Health & Safety magazine, and Security Today.