This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Infosec 2013 : Squeezed budgets mean security education Is vital

Share this article:
As security budgets get squeezed in a time of austerity, companies need to seriously focus on education, training and awareness.

This was a key message from Infosecurity 2013, with IT bosses agreeing this was the best way to create good security without having to break the bank.

Graham McKay, CISO at Scottish publisher DC Thompson, said: "We are all facing considerable budget pressures, with an increasing threat landscape. It's a challenge.

"But we've adopted the approach of education, training and awareness.Educating our staff, getting the best value for money. Identifying what our information assets are, and taking the best approach to protect those."

Cal Judge, Head of Information Security at Oxfam UK, agreed that education was vital. He said that it was key to get staff interested in information security, and buy into it.

"You can do this through various methods," he said. "For us it is about for example, creating an online course that is entertaining and interactive.

"You can take a story about a celebrity getting their Twitter account hacked, use that scenario, and get staff buying into the idea that password security is essential to securing their account.

"People don't remember doing boring courses, and if they are having fun during the process, they are more likely to remember."

Michelle Tolmay, security officer at online retailer ASOS.com, said all new starters in her business needed to undergo security awareness training. 

She said that she checks their Facebook and Twitter accounts before they start, and reveals personal facts about them she discovers at the beginning of the session.

Tolmay said, "People start thinking, hang on, what have I actually put out there to find that information? We're quite lucky as most ASOS staff are customers.

"Not only do we make it personal because of how they need to protect themselves in their day-to-day lives, we can take that one step forward and show how customers of ASOS need to protect themselves.

"Staff will take more interest because they know that if there is a data breach, it's not the information of random people around the world - it's theirs."
Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Home Depot card data breach undetected for four months

Home Depot card data breach undetected for four ...

The Home Depot card data breach may have continued for longer than the Target attack late last year, according to new reports.

Microsoft closes Trustworthy Computing as part of layoff strategy

Microsoft closes Trustworthy Computing as part of layoff ...

In a surprise move, Microsoft has effectively closed its Trustworthy Computing (TwC) Group as part of the loss of 2,100 jobs in a restructuring plan announced late last week.

More celebrity pictures revealed: Apple and FBI investigating

More celebrity pictures revealed: Apple and FBI investigating

Celebgate 2: a depressing weekend for some celebrities as more hacked pictures leaked from iCloud.