Firms plan to raise security training

ISC2 surveys 4,305 IT security professionals

Companies will spend more next year on training staff to be more aware of IT security risks, according to international research published today (Thursday).

With security threats becoming more sophisticated, and organisations forced to comply with data privacy and financial regulations, businesses are set to increase spending on employee education by 22 per cent in 2006, according to security certification body ISC2.

The survey of 4,305 information security professionals from 80 countries also suggests that firms plan to increase the security knowledge of IT departments, with more than half expecting to invest more in business continuity, risk management and computer forensics training.

‘Complex security solutions, regulatory requirements and encroaching threats
are driving organisations to entrench security strategies and policies, and rely on highly educated, highly qualified professionals,’ said IDC analyst Allan Carey, who conducted the survey on behalf of the certification body.

Organisations are spending on average more than 43 per cent of IT security budgets on personnel, training and education.

More than 20 per cent of those surveyed say the chief executive has ultimate responsibility for protecting corporate data.