End-user security culture: A lesson that will never be learnt?
Security threats to end-user systems are nothing new. Viruses have been with us for well over 20 years; spyware has clocked up more than a decade since the earliest incidents; and large-scale use of phishing can be traced back to at least 2003. Indeed, the increasing range of Internet applications, and the accompanying increase in threats, heightens the need for security and privacy awareness. Unfortunately, however, it seems that the rapid adoption of online services has not been matched with a corresponding embrace of security culture. This article examines the current position, and considers the extent to which security awareness lessons have been learnt.Furnell SM