The biggest weakness in information security is not always the technology, but very often the people.* Lack of knowledge, misunderstanding and inadequate awareness of responsibility can lead to the unintended leakage of critical data, technical issues and failures for companies and authorities. This can cause serious damage. The safest information technology can only deliver security when neither staff nor managers are acting negligently.
IT security awareness measures motivate both staff and managers to recognise and appreciate their responsibility for information security. Specific measures and training adapted to the relevant environment will help to address this challenge. Various legal provisions and guidelines (IT compliance) require awareness measures to ensure that information is handled with care and in compliance with data protection law.
*This has been confirmed for years in various surveys by, for example, the BSI or Microsoft.