Jumping security hurdles

It is widely recognised that success in tackling security issues often depends upon acknowledgement and action by individuals. To quote Amit Yoran, erstwhile director of the National Cyber Security Division within the US Department of Homeland Security: "The human factor is typically the most critical variable in information security systems. Even the best policies and technologies can be rendered completely ineffective if users do not take responsibility for safeguarding the information they control".1 With this in mind, it is worth asking what stands in the way of users doing what is required of them. © 2010 Elsevier Ltd. All rights reserved.