Employees called greatest security threat

IT managers ranked employees as the greatest threat to an organisation's security, according to a recent poll.

The poll, conducted through ZDNet Australia's IT Manager Update newsletter, found that employees posed the greatest threat to security, with one respondent commenting that staff paid little attention to it.

Human error came a close second in the stakes. Human error, employees and script kiddies were considered major exposures despite rigid security access and privilege functionality, said one respondent. He said his organisation had put in place robust and closely monitored security features to obviate malicious hackers and vulnerabilities or viruses.

Security continues to be a major concern for chief information officers and IT managers trying to protect their business infrastructure. Organisations are increasingly looking at options such as protection for remote users connecting to the corporate network, and penetration testing.

Security flaws have also been hot topics, as have virus and vulnerability alerts.

In an interview with ZDNet Australia in May Michael Warrilow, a senior consultant at analyst Meta Group said that there was clear empirical data showing that companies had been taking an uncoordinated, uninformed and unplanned approach to security.

"Research on IT spending shows a consistent underspend," Warrilow said. "I think that needs to change."

He estimated that Australian organisations are spending between one and two percent of their IT budget on information security, yet believes they should be spending more like five to seven percent.

Have your say instantly, and see what others have said. Go to the Security forum.

Let the editors know what you think in the Mailroom.