Effective security must be 'sold' to IT users, urges BT security chief


Effective security must be 'sold' to IT users, urges BT security chief

Warwick Ashford

Security has to be sold to users of IT systems in the same way as consumer goods and services, says Mark Hughes, managing director of security at BT.

"Unless they are persuaded that IT security is a good them for them personally, their organisation and its customers, they cannot be relied upon to follow policy," he said.

People are as important to IT security as the technological controls that any organisation has put in place, said Hughes.

"If people do not understand why IT security is important to them, technological security controls will fail, he said.

Employees within any organisation need to be reminded continually using a variety of channels of their IT security obligation and why it is important, said Hughes.

"Many of the horror stories of data losses featured in the media could have been avoided by better educating people about security," he said.

Hughes is to explore some of the successful security awareness strategies used at BT at the inaugural Human Factors in Information Security Conference in London, from 22-24 February.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy