Comments on: Security education: ineffective or the wrong approach? http://www.gfi.com/blog/security-education-ineffective-wrong-approach/?utm_source=rss&utm_medium=rss&utm_campaign=security-education-ineffective-wrong-approach Brought to you by GFI Software Fri, 13 Sep 2013 13:27:20 +0000 hourly 1 By: David Kelleher http://www.gfi.com/blog/security-education-ineffective-wrong-approach/comment-page-1/#comment-13 David Kelleher Fri, 03 Jul 2009 10:39:57 +0000 http://www.gfi.com/blog/?p=257#comment-13 @GeeksAreSexy

Very true. However, end-users are closer to potential problems and are often the first to identify security incidents. The goal of an awareness program is often to change attitudes to technology and to help employees appreciate the value of the data and technology they are using. And this takes time and repetition. As you rightly point out, it only takes one employee to ruin all the hard work. At the same time, though, I would prefer my risk to be limited to that one employee, if the remaining 49, for argument’s sake, are alert and aware of the consequences of their actions. Long-term, I believe, there is value in having an educated and alert workforce.

Thanks for your comment.

]]> By: Geeks are Sexy http://www.gfi.com/blog/security-education-ineffective-wrong-approach/comment-page-1/#comment-12 Geeks are Sexy Thu, 02 Jul 2009 13:08:44 +0000 http://www.gfi.com/blog/?p=257#comment-12 You know what they say… Security is only as strong as its weakest link.. Sure, security awareness certainly can’t hurt, but it only takes 1 person to make all your noble, precious efforts useless.

]]>