Opinion
Industry View| Ira Winkler on Awareness Training
Awareness training is great when people can hurt only themselves. But when people can hurt others, stronger measures are required
By Ira Winkler
What it comes down to is that there are hard costs being absorbed by society because of poor computer security awareness.
In the real world, this would be a no-brainer. After all, you have to properly maintain your car or you have to take it off the road.
If your house is a mess, that is your problem unless it begins to attract rats and becomes a health hazard to your neighbors. Then, you can be fined until the situation is corrected. You can also be evicted or your house can be condemned if you allow the situation to go on. Everyone can apply for a driver's license. However, that license can be taken away if you endanger others when you drive.
Why, then, are people allowed unfettered access to the Internet, even if they clearly demonstrate that they are an imminent danger to others? It would be great if awareness training were successful and would make a significant impact. The reality, though, is that awareness training has proven itself less than reliable in making any significant improvement in the overall security of the Internet.
More important is that the threat to innocent victims continues to grow, as we seem to be relying only on security awareness and the lack of responsibility on the part of others.
Ira Winkler is president and founder of the Internet Security Advisors Group (ISAG). Contact him at ira@isag.com.
Ira Winkler
Security Directions: A Virtual Conference
Available On Demand Sept. 30 - Dec. 30
Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.
Protecting PII: How to Work with IT to Manage Risk
Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.
- Practical Approaches for Securing Web Applications across the Software Delivery Lifecycle
- Managing A Growing Threat: An Executive's Guide to Web Application Security
- FISMA Prescriptive Guide
- The Tripwire HIPAA Solution: Meeting the Security Standards Set Forth in Section 164
- Beyond PCI Checklists: Securing Cardholder Data with Tripwire's Enhanced File Integrity Monitoring
- IDC White Paper: CCM for IT Compliance and Risk Management
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
