Why your employees are still a huge security risk

Is security awareness training doing the job of protecting organizations from employee negligence? Michael Bruemmer of Experian Data Breach Resolution tells us where awareness is falling short, and what companies can do to improve

07 breach botch
Credit: CSO staff

Despite an increase in security awareness training, and concern about awareness by top-level management at companies, data breaches continue to happen through employee negligence, whether malicious or not.

In the latest episode of Security Sessions, I spoke with Michael Bruemmer, vice president at Experian Data Breach Resolution, about a recent survey that said companies are unprepared to stop employee-caused data breaches.

Among the highlights of the video are the following sections:

1:15 Why it’s surprising that employees are still responsible for data breaches and additional discussion from the Experian survey.

2:18 Where awareness training is failing, and what companies can do to improve.

3:26 Are granular awareness programs (specific training for specific job roles) on the rise?

4:57 Should employees be fired if they fail to become more aware about security?

5:45 Why are CEOs and other C-level executives often exempted from security training?

07:04 How can CSOs motivate employees positively in thinking about security?

To comment on this article and other CSO content, visit our Facebook page or our Twitter stream.
Insider: Hacking the elections: myths and realities
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.