GDPR and Cyber Security for Business Information Systems by Antoni Gobeo;Connor Fowler;William J. Buchanan; & Connor Fowler & William J. Buchanan

GDPR and Cyber Security for Business Information Systems by Antoni Gobeo;Connor Fowler;William J. Buchanan; & Connor Fowler & William J. Buchanan

Author:Antoni Gobeo;Connor Fowler;William J. Buchanan; & Connor Fowler & William J. Buchanan
Language: eng
Format: epub
Publisher: CRC Press (Unlimited)
Published: 2018-04-15T00:00:00+00:00


Staff Awareness of Security

All the security tech in the world will not protect data from a staff member’s ignorant actions and remedying that lack of knowledge is the responsibility of the organisation.

A key organisational measure is in the training of staff to be aware of their duties and obligations around data protection. This includes education in the types of risks they may face in their work as it relates to the processing and protection of data. The behaviour of the members within an organisation plays a significant role in the creation of a culture of security. Cyber security may be seen as a “departmental” or IT issue rather than one in which the organisation as a whole, and each of its members, must be engaged in. Therefore, it is important to demonstrate a “top-down” engagement with data protection, and staff at all levels should see and understand the necessity for data protection as modelled by senior management.

Training for end users is often considered as an afterthought to technology-based countermeasures, to the detriment of security provision as a whole. Often training is provided as a “one type serves all” approach and is not developed with the needs of the end user in mind. Unsurprisingly, this achieves little in the way of improved security habits for the trainee and may lead to increased risk exposure for the organisation.

The risk arises from inadequate training that gives rise to a superficial awareness of the actual threats faced by the staff member, and the organisation;

“Well, the average computer user is going to pick dancing pigs over security any day. And we can’t expect them not to.”

Bruce Schneier, 1999.



Download



Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.