In 2017, there was a doubling of cybersecurity attacks. We witnessed and personally felt the impact of major incidents that hit some of our largest corporations, including Equifax and Uber. And this constant exposure to cybersecurity incidents has an effect on our psychology.
Research has shown that human beings have a tendency to remember the bad rather than the good. The trouble with this is that we end up in a situation where we feel disempowered by events, and eventually, we just stop caring. This is being reflected in the security industry by a phenomenon known as “security fatigue.”
What is Security Fatigue?
A study published in IT Professional looked at various aspects of security fatigue. In the study, the participants described feelings of “fatalism,” “risk avoidance” and “loss of control.” It’s likely that if you are reading this, you can relate to any or all of those feelings in terms of the current cybersecurity climate.
The ultimate result of these feelings is risky behavior. And with risky behavior come more security issues and, in turn, increased security fatigue. You can see the vicious circle closing in.
To break out of this circle, we need strategies that give back control and stop the fatigue from setting in.
10 Steps to Detect and Prevent a Cyber Incident
These 10 steps offer ways of getting that control back and making cybersecurity less of a worry.
1. How Do We Solve a Problem Like Passwords?
Password fatigue is a well-known phenomenon. In the study mentioned above, participants stated, “I get tired of remembering my username and passwords.” In a world where business users have, on average, 191 passwords, and where 81% of breaches are due to password exposure, fatigue can very quickly set in.
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Susan Morrow. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/78wQ75u-E6A/