Paul Kearney is chief security researcher in the Security Futures Practice, BT Innovate & Design. He is based at BT's Adastral Park technology centre near Ipswich, and has worked in information security research since 2001. Paul Kearney is a Certified Information System Security Professional (CISSP) and a full Member of the Institute Of Information Security Professionals (MInstISP). He holds a PhD in theoretical physics from the University of Liverpool, and is the co-author of the White Paper, "Human Vulnerabilities in Security Systems", published in 2007 by the Cyber Security Knowledge Transfer Network.

Your business information is likely to be much more valuable than the hardware on which it is stored. The loss of a laptop might set you back £400, but if the files on the laptop included sensitive customer data or the blueprint for a new product, the cost of repairing the damage would run into thousands. The consequences of a data breach range from alienating customers to heavy fines, or even criminal prosecution. While technologies, such as antivirus software and encryption, can offer some protection against cybercrime, security breaches are most often the result of human error and carelessness.
Improve information security

Improving information security within your organisation, therefore, has to encompass people and processes, as well as technology. Motivating your team and making them more aware of security concerns should be at the heart of your information security strategy. At the same time, the processes you have in place to address information security issues need to be straightforward and properly understood if you want your employees to adhere to them.
BT's approach

This pocket guide is based on the approach used by BT to protect its own data security - one that draws on the capabilities of both people and technology. The guide will prove invaluable for IT managers, information security officers and business executives.
Read this guide and ...

¿Win business
By demonstrating that there are effective safeguards for your business information in place, you can strengthen the trust of partners and customers and improve the image of your brand. Effective information security may even provide the extra advantage you need to close an important deal.
¿Protect your organisation from social engineering attacks
Once fraudsters have gained the trust of a company employee they will then seek to exploit that trust for their own criminal purposes by persuading the employee to divulge confidential information. This pocket guide will help your staff to be on their guard against this type of threat.
¿Improve processes and procedures
The guide sets out some basic precautions that employees can take, both in and outside the workplace, to reduce the risk of a data breach.
¿Enable people to make a positive contribution to security
The processes you have in place to manage your information security need to be observed. At the same time, you are unlikely to achieve the optimum level of protection unless your workforce understands the reason why these policies are necessary. This pocket guide shows you how you can enhance your information security by engaging and motivating your staff.

Security: The Human Factor looks at the challenges associated with information security, the consequences of failing to meet them and - most importantly - at the steps organisations can take to make themselves and their information more secure.