Lack of End User Training is a Large and Growing Threat to IT Security, CompTIA Study Finds

Washington, D.C., March 10, 2009 While information security remains a top priority for eight in ten IT professionals surveyed, many companies seem to be underestimating one of the most significant IT security threats – end user error. According to CompTIA's 7th Annual Trends in Information Security survey, human error is the primary cause of the most severe security breaches, yet significantly fewer organizations (45%) provided security training for their non-IT staff in 2008 compared to 53% in 2007.  The results of study will be released and presented at the FOSE tradeshow in Washington D.C.

"Fueled in part by the rapid adoption of portable hardware like laptops, flash drives and smart phones, and by distributed information technologies like crowd sourcing, social networks, virtualization and cloud storage, end users are exposed to new IT security threats every day," said Tim Herbert, vice president of research at CompTIA. "Security threats grow along with the expanding reach of IT so non-IT employees need to be continually trained on the latest IT security threats."

Terry Erdle, senior vice president of skills certification for CompTIA will present the detailed results of the study including the top five security issues across the IT landscape, how costly security breaches can be to a whole organization not just IT, and insights on how to lower your risk on Tuesday, March 10 at 2:20 p.m. in Theater 1 of the Walter E. Washington Convention Center in Washington D.C. as part of FOSE, a major federal IT tradeshow.

"Unintentional security breaches by non-IT staff cost companies thousands of dollars in lost productivity and business downtime," said Erdle. "This demonstrates a need for more employee trainings and deeper knowledge of technology functions."  

In addition to comprehensive industry research, CompTIA offers many other programs related to IT security including a new Security Trustmark accreditation that establishes security best practices for IT solution providers.

CompTIA's 7th Annual Trends in Information Security: an Analysis of IT Security and the Workforce was fielded to a sample of 553 US IT professional via the Internet during January 2009. The international portion of the study was fielded to a sample IT professionals in key markets around the world. The complete study is available free to CompTIA member companies at www.comptia.org/research .

For more information on the study, on CompTIA's certifications, or CompTIA's other work on behalf of the global IT industry, visit CompTIA booth 2209A on the FOSE show floor or navigate to CompTIA.org.

About CompTIA

CompTIA is the voice of the world's information technology (IT) industry. Its members are the companies at the forefront of innovation; and the professionals responsible for maximizing the benefits organizations receive from their investments in technology. CompTIA is dedicated to advancing industry growth through its educational programs, market research, networking events, professional certifications, and public policy advocacy. For more information, please visit www.comptia.org .