A survey commissioned by the Computing Technology Industry Association (CompTIA) revealed that 31 percent of companies have experienced between one and three "major security breaches"--characterised as a security breach which causes real and serious harm to a network--in the past six months
Worryingly, 22 percent of respondents said none of their IT staff have received specific security training while more than two thirds of companies polled said only a quarter of their IT staff are trained on security issues.
Unsurprisingly therefore, almost all companies--96 percent--said there is a need for more security training among IT staff.
Matthew Poyiadgi, CompTIA's regional director, UK and Scandinavia, said in a statement: "We think the results are pretty staggering.
"Where agencies and companies have looked primarily to technology for network safety, in over 63 percent of identified security breaches, human error looks to be a major, underlying factor. Because our findings also show that security related training and certification have been underutilised, CompTIA believes that better training and certification of IT staffs will make our networks safer."
In response to the findings, one security-minded techie, Mike Lee, senior security specialist at BT Ignite, highlighted an "after the horse has bolted" philosophy towards IT security in Europe.
Lee said: "IT security in Europe is only taken seriously if a company has recently suffered an attack, been asked to comply with an audit or legal instruction, or is about to implement a new ecommerce or web-based service. This reactive attitude to security places companies at risk--organisations need to place greater emphasis on prevention."
