DHS Tests Show Security’s People Problem

Today’s DHS Cyber Open Source Report included the following article originally published in Computerworld.com.

“It was widely reported last week that as part of a study, the U.S. Department of Homeland Security (DHS) randomly dropped USB and optical drives in government and private contractor parking lots — and more than half of those who picked one up readily plugged it into their work computer.  Bloomberg News reported that 60% of those workers and contractors who picked up the drives plugged them into office computers.  The report also said that 90% of found drives stamped with official government logos were plugged in.  The DHS this week refuted the news reports, as well as denying that a “full report” would be published later this year.  A DHS spokesman confirmed that studies were published by the Idaho National Laboratory last year.  A primary study found that 20% of employees who picked up a drive plugged them into work computers — not 60% as had been reported.  After being educated on security precautions, only 2% of employees who picked up a drive in a follow-up study plugged it into an office computer.

Whatever the results, the studies are a reminder that more often than not, employees ignoring sound security practices is at the heart of many a security breach. ”

Source: http://www.computerworld.com/s/article/9218214/


Comments are closed.