It’s the User …

On: December 12, 2013
Gartner's new report on the "Nexus of Forces" shows once again that user training should be at the forefront of information security protections.

User education and its impact on security, and security awareness, is in the news again. Gartner’s recent Nexus of Forces report (link below) describes the “convergence and mutual reinforcement” of four interdependent trends: social media, mobile, the cloud, and information. And what’s driving this convergence? The behaviors of users. It’s a development that is, according to Gartner’s research, actually rendering existing IT architectures obsolete.

If that sounds extreme, think about this: what sits right at the intersection of those four converging forces? The user. Not technology, not infrastructure, not software, but the user. Meaning, from an IT perspective, the point of control has shifted. The tenuous position of a technology focus built upon legacy architectures, processes, skills, mind-sets, and habits is becoming increasingly apparent: the consumerization and democratization of IT has forever changed the landscape of information security. The net imperative of this paradigm is a new emphasis on user education, behavior management, and culture change. As Gartner points out, “No longer can the IT department merely prescribe.” Now, it must persuade users that their behavior is critical to the security and the success of the enterprise.

So how prepared are you to deal with increasingly sophisticated, resourceful—yet potentially dangerous—users? As industry experts Dr. Larry Ponemon, Dr. Kenneth Knapp, and others assert, top executive support combined with user awareness training is absolutely essential to navigating the changes that are now upon us. “Start there,” they say, “with the users, and then address the technology issues.”

Share this Article

Related Articles

Phishing attacks have long since evolved from the beleaguered requests of a Nigerian prince, and are by no means going away. 
Phishing Ad Nauseam: Is Getting Hooked a Symptom of a Larger Problem?
Phishing simulations without a larger cybersecurity awareness program are not all they're cracked up to be
White Paper: Drowning in Phishing
The annual Verizon Data Breach Investigations Report serves up as many learning moments as it does troubling InfoSec statistics this year.
The More You Know: 5 Lessons from the 2016 Verizon Data Breach Report
A new report shows just how big a role the human factor plays in cybersecurity concerns. (Hint, it's pretty big).
Human Factor Report: Social Engineering Ranks As Top Attack Technique