IT and Security Professionals Think Normal People Are Just the Worst

Two new studies reaffirm every computer dunce's worst fears: IT professionals blame the employees they're bound to help for their computer problems -- at least when it comes to security. From a report: One, courtesy of SaaS operations management platform BetterCloud, offers grim reading. 91 percent of the 500 IT and security professionals surveyed admitted they feel vulnerable to insider threats. Which only makes one wonder about the supreme (over-)confidence of the other 9 percent.

[...] Yet now I've been confronted with another survey. This one was performed by the Ponemon Institute at the behest of security-for-your-security company nCipher. Its sampling was depressingly large. 5,856 IT and security professionals from around the world were asked for their views of corporate IT security. They seemed to wail in unison at the lesser and more unwashed. Oh, an objective 30 percent insisted that external hackers were the biggest cause for concern. A teeth-gritting 54 percent, however, said the most extreme threat to corporate IT security came from employee mistakes.

A few things...

[roc97007]

A few points:

- Users are "unwashed" compared to IT personnel? Have you *worked* in IT?

- The first thing IT professionals forget (speaking as one) is that computer management isn't the user's job. It may be *your* expertise, but it isn't *theirs*. They have a different job to do which you would probably suck at. Expecting them to be IT professionals on top of their regular job is an unreasonable expectation. So stop fussing about it.

- That said, often security issues really are kinda the user's fault. We told 'em and TOLD 'em, don't do that, you'll infect your.. ok, too late.