| The Enemy Within |
| Topic |
Managing Information |
| Key Words |
IT, managing information, training, security |
| InfoTrac Reference |
A133123216
If your textbook came with an InfoTrac passcode, click here to login on InfoTrac.
|
| News
Story |
Between 2001 and 2003, 70% of major UK companies suffered breaches that were traced back to staff misuse of information systems. Fewer than 40% of recorded breaches involved unauthorized access by outsiders. The internal breaches often come from an employee opening an infected spam email or using a USB memory stick that has been infected from an outside computer.
According to a recent survey of Information Age readers, 70% of UK companies have increased their IT security budgets in the past 12 months, but they still tend to focus on hardware and software products intended to keep security threats out. Just 10% is spent on developing and managing the internal processes that are needed.
Human error rather than flawed technology is the cause of most security breaches. Most IT security policies, if they exist at all, do not address this issue. Part of the problem is that business managers assume the IT department is managing the security policies, but HR and managers must ensure that the employee's security responsibilities are part of their employment contract and are supported by training.
|
| Questions |
| 1. |
Where do most company IT security threats come from?
|
| 2. |
What are the HR department's and company managers' roles in a company's IT security practices?
|
| 3. |
Visit the website of the ISF's Standards of Good Practice - http://www.isfsecuritystandard.com/index_ie.htm. Summarize this initiative and explain what a manager's role would be in implementing the recommendations.
|
|
| Source
|
"The Enemy Within," Information Age (London, UK), June 10, 2005. |
| Instructor Discussion Notes
|
Discussion
Notes
These notes are restricted to qualified instructors only. Register for free!
|
