Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

InfoSec pros spend most time, money on self-inflicted problems

Maria Korolov | July 22, 2015
InfoSec professionals spend most of their time and budgets on security problems created within the organization itself.

"The risk factors, the weakest links, are human," he said, adding that the survey shows that enterprises need to dedicate more resources to helping their developers write more secure code, and helping all their employees be more security conscious.

And even an annual training program might not be sufficient, given the fast-changing nature of the threats.

"If you were to update your antivirus just once a year, that's not a good security posture," he said. "But that's what we do with the human element. We don't give them the tools they need to do their jobs."

He added there's a widespread perception that you can't train people to be more security conscious.

"I think that perception is wrong," he said. "With good training, good communications, you can actually have measurable change in the organization."

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.