Businesses are failing to adequately train their personnel for information security, author says. Effective security requires a unified approach to security, appropriate technology, relevant policies and proper education of personnel. Studies have shown that it is the human element that is at the heart of most security incidents. Businesses that address the first two, but not the third, are opening themselves up to potential claims they failed to act reasonably in protecting their information, he says. To many businesses, the idea of ongoing training about current and future security issues is just not on their radar screen.”]