Security fatigue is preventing us from being safe online

tired_-623x410

Security fatigue in online users is “exposing them to risk”, according to a study by the National Institute of Standards and Technology (NIST).

The paper found that people feel “overwhelmed” with having to be on constant alert from cyberattacks, as well as negatively affected by the proliferation in online security measures to protect themselves.

As a result, many will ignore the warning signs of a possible attack. As one individual remarked: “I get tired of remembering my username and passwords.”

Mary Theofanos, co-author of the study and computer scientist at NIST, said: “Years ago, you had one password to keep up with at work. Now people are being asked to remember 25 or 30. We haven’t really thought about cybersecurity expanding and what it has done to people.”

Comments from respondents to the study illustrated that online users were unaware of how much they were at risk.

For example, “many interviewees” said they didn’t think their information was significant enough to be of interest.

Others stated that they didn’t know anyone who had ever experienced a cyberattack.

The paper also revealed that many felt their online safety would be protected by authoritative figures, such as their bank.

There are ways to improve user behavior and to reduce so-called security fatigue, which is described as “a weariness or reluctance to deal with computer security”.

According to the authors of the paper, this includes reducing the number of security-related decisions a user has to make, as well as simplifying the process for users to “choose the right security action”.

Earlier this year, the second annual RSA Cybersecurity Poverty Index stated that organizations need to take charge of their cybersecurity efforts.

“We need to change the way we are thinking about security, to focus on more than just prevention – to develop a strategy that emphasizes detection and response,” Amit Yoran, president of the RSA, commented at the time.

by Narinder Purba, ESET We Live Security


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s