According to a study published by the National Institute of Standards and Technology (NIST) in late 2016, security fatigue is rapidly emerging as a dangerous threat to previously effective cybersecurity programs. The study drew on data from a qualitative study on the perception and beliefs of computer users when it came to online privacy and cybersecurity. The study found that individuals are increasingly taking vital information such as netbanking passwords, PIN numbers, and so on for granted, and there’s a general sense of loss of control when it comes to increasing and tackling cybersecurity.
How is cyber fatigue caused?
As the Internet has become a greater part of our lives, the level of general cyber fatigue has only seemed to increase. People have to remember an incredible amount of passwords and increasing amounts of people are conducting all their financial transactions in the online sphere. Users are tired of being overwhelmed by the need to be constantly on the guard against cyber attacks and a significant amount of people believe that they will not be attacked.
Security is compromised by factors such as users failing to make their login processes more complex and using more secure steps such as two-factor authentication. The massive Yahoo hacks that came to light in 2016 and the federal employee hack of 2015 have brought these issues to the mainstream as increasing amounts of users are terribly lax about sensitive information that could be used against them.
How can cyber fatigue be solved?
Cyber fatigue is probably an inevitable development of the proliferation of the Internet, and by simply changing their behaviour, users will be unable to effectively take serious steps toward real security. Customers need to become increasingly vigilant about the nature of their details on different websites and look beyond mere conveniences, benefits, and cost benefits. New laws governing the Internet are expected to grow in the coming years and they need to provide clear language about the security of user data.
Companies and websites also need to play a significant role when it comes to reducing security fatigue. Anti-virus software needs to be strengthened further in response to the ever-rising amount of ransomware and malicious software. Companies and websites need to make it simpler for users to choose the most secure security action possible while limiting the number of security decisions users need to make. Consistent, clear, and comprehensive guidelines need to be developed by all companies when it comes to data protection.