Managed IT Services, IT Security Services, Vulnerability Management and Remediation, Help Desk Support, IT Maintenance Services, Network Administration, Business Continuity Planning, Disaster Recovery Planning, Onsite and Offsite Data Backup, and Information Security Assessment
A recent article in CIO explores the question: Is data security awareness training effective?
The answer: Yes.
The article points to an ISACA study that seeks to measure the effectiveness of data security awareness training. The study concludes: “Security awareness training is a vital nontechnical component to information security. As such, it is in the interest of the public and private sectors to continue to research this component that directly impacts security’s weakest link: humans.”
The study notes that “Respondents from a recent Enterprise Strategy Group survey stated that training users on confidential data security policies was the most important measure for protecting proprietary information.”
The CIO article points out that “when specific employee behaviors are addressed in a meaningful way to bring about a security-aware culture, the incidence and cost of non-compliance plummets.”
Education has both an intrinsic and instrumental value. Education is good because it is good in-and-of-itself to learn more about things, and education is good because it is one of the most powerful tools for improving decisions and behavior.
So the conclusion of the article is no surprise. But it’s always nice to hear it emphasized.