Security resellers have to carry on education role

It might seem a bit old hat to talk about the security channel educating customers but the need for them to do so remains more important than ever

Talking about the need for education in the security market might feel a bit of an old subject but there continues to be a pressing need for the channel to work with customers to help prevent user led incidents.

With the majority of breaches resulting from mistakes made by staff there is an ongoing pressure on the channel to combine talking about the latest threats with working with users to make sure that policies and common sense procedures are being followed.

As well as protecting against emerging threats, which exploit social media, education around legacy systems is also an ongoing issue with many users failing to understand the risks of using systems that are no longer getting vendor support.

Speaking at a Palo Alto Networks roundtable in London, the CEO of NTT Com Security Simon Church said that education remained a massive issue and it was not going away as there were tens of thousands of security jobs unfilled globally.

He added that it might not be as topical as talking about the latest threats or emerging technologies but the requirement for educating the user about how to defend themselves was one that could not be overlooked.

Alex Raistrick, who works at the cyber security solutions division at PaloAlto Networks, said that there was increasing pressure on security administrators to deal with the rising tide of applications and devices that users were downloading and bringing to work and the need to inform them about data protection was something that had to be covered off to prevent breaches.

"Lots of personal applications are not visible to an organisation," he added that firms had to make it harder for cyber criminals to target them and it included getting users understanding the need for greater data protection.

Church added that it not only carried out penetration tests at customers to try to highlight vulnerabilities but also practiced what it preached and ran internal checks to ensure it was following best practice.

Read more on Data Protection Services