Survey Report Compares Organization's Security Awareness Best Practices And
Overall Security Awareness Among Employees
HOUSTON and SAN JOSE, Calif., Feb. 19 /PRNewswire/ -- Special during RSA
Annual Conference - PentaSafe Security Technologies, Inc. today announced the
publication of its 2002 Security Awareness Index (SAI) Report based on results
from a free online survey, designed to measure organizations' information
security awareness. Analyzing responses from 583 companies and 1,350
individual employees worldwide, the 2002 SAI Report indicates that 23 percent
of security officers consider their organization's security awareness as
"dangerously inadequate" while an additional 44 percent consider their
security awareness "inadequate". Nearly 6 out of 10 employees who have taken
the survey score, on average, only a "D" or unsatisfactory grade when it comes
to appropriate security awareness and behavior.
"The survey results reveal a serious failure on the part of most companies
to adequately educate and train their employees in proper info-security
awareness and workplace habits," according to Todd Tucker, author of the
survey and chief security architect for PentaSafe Security Technologies. "It
suggests management has to dramatically improve its efforts to educate
employees on the best ways to protect their companies against cyber terrorism
and other threats to information assets, or risk very costly consequences."
Called the Security Awareness Index(TM) (SAI), the survey was developed by
PentaSafe Security Technologies, Inc., a Houston-based provider of information
security infrastructure software, and is co-sponsored by Computerworld
magazine in North America, and Computing magazine in Europe. The survey is
available free of charge online at http://www.humanfirewall.org as part of a security
awareness education campaign that assures results are kept strictly
confidential according to the site's privacy policy. The aggregate results
from all respondents to the survey have been compiled and analyzed in the new
70-page, 2002 Security Awareness Index Report, currently available for
purchase online at http://www.pentasafe.com for $195.00.
SAI Explored
Divided into two parts, the Security Awareness Index first asks chief
security officers a series of questions that help determine how companies rank
in implementing policies and procedures for making employees and others aware
of appropriate security behavior. The SAI provides security officers with a
quick benchmark on how well their companies are using "best practices" for
educating employees on proper security processes compared to other companies
in their industry, and of similar size.
The second part of the SAI enables chief security officers to test their
company employees' actual security knowledge and awareness level by emailing
an individual survey to up to any number of employees. Responses are then
compiled to produce a Security Awareness Index score that measures security
awareness among the employees of their particular organizations compared with
others in the same industry as well as all respondents.
"While there has been a lot of talk about what organizations must do to
guard against the threat of information security breaches, this new security
awareness survey gives companies a practical first step to gauge how well
their employees understand and follow existing security policies and
procedures," according to Pete Lindstrom, Director of Security Strategies for
the Hurwitz Group. "It begins to establish a metric that security officers
can use with business management to show a problem exists -- and hopefully get
the support and funding to do something about it."
The goal of the SAI, Tucker emphasized, is to give corporate security
officers a benchmark measure of their own success or failure in making workers
aware of what they must do to safeguard information assets and data. They can
then use their results, as well as the 2002 SAI Report, as a tool to help
convince top management to commit to funding security awareness programs.
"The Security Awareness Index survey was very valuable," according to Jim
Walsh, Network Administrator for Carthage College in Wisconsin and a
participant in the survey. "The survey gave us the information we needed to
ensure that security at the user level and user awareness of security policies
were being properly addressed. Plus," he continued, "it showed us where we
needed to improve policy formation and dissemination throughout our
organization."
Other SAI survey participant references are available to media upon
request.
About PentaSafe Security Technologies, Inc.
PentaSafe Security Technologies, Inc. enables companies to safely grow
their businesses by providing a complete security infrastructure solution that
includes people, policy and technology. PentaSafe's solutions help educate
people in an organization to comply with information security policies and
integrate each policy with best of breed security technology -- all designed
to ensure maximum protection of information assets throughout the enterprise.
PentaSafe has more than 1,200 customers worldwide, including one-third of the
Fortune 100 and 4 of the "Big 5" auditing firms. For more information, visit
http://www.pentasafe.com .
PentaSafe and Information Security Awareness Index are registered
trademarks of PentaSafe Security Technologies, Inc. All other company and
product names may be trademarks of the company with which they are associated.
Portions of this document may constitute "forward-looking statements" as
defined by federal law. Although the company believes any such statements are
based on reasonable assumptions, there is no assurance that actual outcomes
will not be materially different. Any such statements are made in reliance on
the "safe harbor" protections provided under the Private Securities Reform Act
of 1995. Additional information about issues that could lead to material
changes in performance is contained in the company's annual reports filed with
the Securities and Exchange Commission.
SOURCE PentaSafe Security Technologies, Inc.
 back to top
Related links:
http://www.rsa.com
http://www.pentasafe.com http://www.humanfirewall.org
CONTACT:
Janette Deyhle of PentaSafe Security
Technologies, Inc., +1-713-523-1992, or jdeyhle@pentasafe.com ;
or Casey Kaplan of Pierpont Communications, Inc.,
+1-713-627-2223, or ckaplan@piercom.com , for PentaSafe Security
Technologies, Inc.
|
