These days, logging into your workplace's online database can feel like going through a full identity check for the police. There are so many passwords, pin numbers, and questions to remember that it's no wonder you get tired of having to go through a myriad of security precautions every time you want to access a certain file or service. This attitude, while understandable, is known as cyber-security fatigue, and it could be detrimental to the safety of your business' information.
It’s often left to your IT team to combat cyber-security issues and ensure our businesses never become complacent about the ever-present threat of cybercrime. Truth is, it is everyone’s responsibilities. According to the Australian Cyber-Security Centre (ACSC) employees are listed as the fifth biggest threat to cyber-security.
Australia's growing cyber-threat landscape
Cyber-security has been around as long as most of us can remember, but there has been increasing emphasis on the importance of staying alert, due to continuously increasing attacks. The impact of cyber-crime in Australia has reached a new record over the last year, receiving a report every 10 minutes, according to ACSC. 60% of small businesses that are victims of a cyber-attack will go out of business within six months. Additionally, there has been a 424% increase in the sector’s cyber breaches last year. The biggest risks reported included ransomware, data breach, and advanced persistent threats. According to Fundera, just figuring out how a cyber-attack happened could cost $15,000.
The biggest concern revealed by reports, however, is the apparent lack of action demonstrated by some companies. For instance, 8% of respondents were unsure if they had been victims of cybercrime, and 43% chose not to report incidents because they see no value in it. This suggests that complacency is a worryingly big issue in Australia.
The problem of complacency and fatigue
A study from the National Institute of Standards and Technology (NIST) revealed the prevalence of cyber-security complacency and fatigue, a surprising result considering it was not the original intention of the research.
"We weren't even looking for fatigue in our interviews, but we got this overwhelming feeling of weariness throughout all of the data," said Mary Theofanos, computer scientist and co-author of the report.
This fatigue can lead to risky computer behaviour as even experienced IT professionals become desensitised and overburdened by extensive security measures, and constant threats. According to co-author Brian Stanton, this is an important issue for individuals, and businesses alike.
"The finding that the public is suffering from security fatigue is important because it has implications in the workplace, and in people's everyday life. It is critical because so many people bank online, and since healthcare and other valuable information is being moved to the internet," said Stanton. "If people can't use security, they are not going to, and then we and our nation won't be secure."
Moral of the story is that being reactive to cyber-security is not an option. Assembling a proactive plan, and preventive steps for your broader organisation has never been more important. Work with your teams to ensure that you don’t get caught out.
Need help with this? Get in touch today!