Do you sit next to a security risk?

[InfoSec News <isn () c4i org>]

http://zdnet.com.com/2100-1105-935298.html

By Vivienne Fisher 
ZDNet Australia
June 12, 2002, 7:25 AM PT

Employees continue to be overlooked as an IT security threat, despite
the significant destruction they can cause, according to one white
paper.

A white paper released in the United States by Web filtering vendor
SurfControl found that more than 80 percent of security compromises
faced by companies came from within.

The white paper also found that poor security policies and procedures
and lack of staff education contributed to employees being an IT
security risk.

"Whether incidents are due to malicious intent or inadvertent employee
error, the result is the same: loss of revenue, productivity, and
potential liability," said author Jack McCullough in a statement about
the white paper.

"Many organizations only develop or update policies and procedures in
reaction to a security compromise," McCullough said. "As a result
companies are vulnerable, despite spending large sums on security
products and consultants."

Charles Heunemann, managing director at SurfControl in Australia,
estimates that about 90 percent of Australian companies' intellectual
capital is held in digital format. Heunemann believes it's this which
makes it a convenient target for unauthorized electronic transfer.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.