Human error tops IT security concerns

Human error is the top IT security issue for UK IT directors, a survey has revealed.

Human error is the top IT security issue for UK IT directors, a survey has revealed.

Of those surveyed, 86% believe their own employees are the most likely cause of security issues. Human error was the biggest reason according to 37% of the IT directors surveyed by YouGov researchers.

The second biggest cause of concern is staff consciously ignoring security policies, according to 31% of those polled on behalf of network security firm Clavister.

Only 13% said insufficient training and awareness of policies was to blame. Even fewer (5%) cited industrial espionage as a worry.

Andreas Åsander, vice-president of product management at Clavister, said the survey results question the effectiveness of current IT security products and policies.

"For security rules to be adopted, users need to understand why they are important, and what the rules mean to them personally and professionally," he said.

Andreas Åsander said policies need to be easy to read and understand.

"It is absolutely key that employees understand why rules are needed and what it means to them both personally and in their job," Åsander said.

Åsander said users who do not comply with policies must face consequences, but companies should make it easy to do the right thing.

"Implement a content filtering gateway, for example, which makes it impossible to do the wrong things and grant users access only to what is necessary," he said.

Policies should be continually reviewed and updated, according to Åsander, and where compliance if difficult, new support technologies like content filters should be found.

Read more on Hackers and cybercrime prevention