"With today's open IT infrastructure, along with increased use of social networking and Web 2.0 applications within the enterprise, employees have unconsciously become the ultimate security back door and target of many silent attacks that expose organizations to data loss," said Irida Xheneti, Security Services research analyst, IDC Research. "Through a comprehensive security awareness program, organizations can build awareness around internal security vulnerabilities, proactively enable their employees to carefully consider the security implications of their online activities and ultimately strengthen risk management policies."
Employee behavior is also often linked to the causes of data breaches. According to the U.S. Cost of a Data Breach Study conducted by the Ponemon Institute, more than 88 percent of all data breach cases in 2008 involved insider negligence. Costs associated with data breaches are also on the rise. The study examined 43 organizations across 17 industry sectors and found that the average total cost per reporting company was more than $6.6 million per breach. More than half of the study's respondents believe that training and awareness programs assist in preventing future breaches.
"The Symantec Security Awareness Program has provided Meredith the tools necessary to provide our employees with a heightened awareness of our corporate policies, procedures and guidelines," said Brad Wyckoff, CIO at Meredith Corporation. "Working with Symantec, we were able to customize the relevance of the on-line tool and provide it in an easily accessible manner to our employees, enhancing our ability to better protect company data and our brand."
The Symantec Security Awareness Program provides in-depth education and tools to help customers avoid security risks by addressing employee behavior at all levels of the workforce. The latest offering includes updated curriculum and a more efficient format which allows customers to focus on key areas most relevant to their organization. The program can also be customized to address any audience regardless of role, responsibility, vertical industry or geographic location. Additional new features include: improved user interface with more graphics, searchable transcripts allowing users to quickly search and review key topics with ease, and online syndicated content to help organizations create a unique touch point for security information on their own website.
In addition, customers will be able to leverage an optional Payment Card Industry Data Security Standard (PCI DSS) module to address the growing demands around storing customer financial information. This module will help customers train their employees on the type of information that needs to be protected, and the requirements that must be enforced any time a credit card number is stored, processed or transmitted.
"Security personnel are facing unprecedented times that include shrinking resources and a highly sophisticated threat environment targeting all types of information," said Shelley Olson, vice president and general manager, Symantec Education Services. "Symantec's Security Awareness Program is a strategic option for organizations and will allow them to leverage their entire workforce as an extension of their information security team to reduce risks that could lead to data breaches or financial loss." Symantec Security Awareness Program is currently available. Additional information can be found http://www.symantec.com/business/services/category.jsp?pcid=education_services.
About Symantec Symantec is a global leader in providing security, storage and systems management solutions to help businesses and consumers secure and manage their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at www.symantec.com.