Is user education pointless for security?

Posted on Tuesday, October 17 2006 @ 13:03 CEST by Thomas De Maesschalck
Security expert Stefan Gorling said last week that he thinks that educating users about how to be safe online is pointless.
When things go wrong, users call help desks, either at their company or at a technology supplier, such as a PC maker, software maker, or an Internet access provider, which can cost a fortune. The solution, many technologists say, is to educate the user about online threats. But that doesn't work and is the wrong approach, Gorling said.

"I don't believe user education will solve problems with security because security will always be a secondary goal for users." --Stefan Gorling, doctoral student, Royal Institute of Technology "Might it be so that we use the term and concept of user education as a way to cover up our failure?" he asked a crowd of security professionals. "Is it not somewhat telling them to do our job? To make them be a part of the IT organization and do the things that we are bound to do as a specialized organization?"
Read on over here.

Loading Comments