Persistent Warnings Are Causing ‘Security Fatigue’

Businesses are being warned that the sheer number of security warnings and instructions being imposed on their workers could lead to ‘security fatigue’ and expose them to risk.

Research from the National Institute of Standards and Technology (NIST) discovered the public is becoming tired of being ‘bombarded’ with alerts to update passwords in the wake of several high profile data breaches and avoid taking action or decide on the easiest option.

If anything, the number of successful attacks on large companies has led many to question whether it is actually possible to prevent such incidents.

Security fatigue

Also causing disillusionment is the requirement to remember multiple login credentials and use additional security measures and many feel they aren’t important enough to be targeted by cyberattacks in the first place.

And even then, they feel as though it’s someone else’s responsibility, such as an employer or retailer, to protect them.

The actual survey intended to find out more about usage habits but the fatigue was evident throughout the research. The authors say the findings are concerning given that more and more valuable data, such as health and banking details, is being stored online.

“We weren’t even looking for fatigue in our interviews, but we got this overwhelming feeling of weariness throughout all of the data,” computer scientist and co-author Mary Theofanos said.

“Years ago, you had one password to keep up with at work. Now people are being asked to remember 25 or 30. We haven’t really thought about cybersecurity expanding and what it has done to people.”

The authors suggest businesses limit the number of security decisions that end users are required to take, make it simpler for them to pick the right action and allow for consistent decision making. They suggest it will take a team of security experts and psychologists to make the situation better.

Only last week, users were being urged to exercise caution following the news that details of up to 500 million Yahoo accounts had been exposed, and the aftershock of a LinkedIn hack in 2012 is still being felt.

Are you a security pro? Try our quiz!

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

Google Warns Of Italian Spyware On Apple, Android Phones

Italian company's hacking tools have been used to spy on Apple, Android smartphones in Italy…

3 days ago

Intel Signals Delay To Ohio Factory Over US Chips Act Dispute

Chip maker warns new factory in Columbus, Ohio could be delayed or scaled back, over…

3 days ago

Silicon UK In Focus Podcast: Sustainable Business

How do sustainable businesses use technology to innovate? And as businesses want to connect sustainability…

3 days ago

Australia Fines Samsung Over Water-Resistance Claims

Samsung rapped over the knuckles by Australian regulator because of 'misleading' Galaxy smartphone water-resistance claims…

3 days ago

Amazon Reveals Alexa Option To Mimic Any Person’s Voice

Bereavement aid for those in mourning? Amazon's Alexa voice assistant could be programmed to sound…

3 days ago