Enforcing cyber security education and awareness doesn't always mean that your defence is stronger - in fact, it can potentially mean the opposite. Cyber security fatigue can render user awareness useless. That's why now is the time to educate smart, not just often.
Nowadays, you don't have to work within IT security, HR or the C-suite to feel the burden of data breaches. Of course, the boardroom and higher management are being bombarded with all types of security warnings and budgetary requests. But what about lower-level employees?
Most end users are now expected to act as an effective line of defence against cyber criminals. Compliance, policies and security information are often thrown in their direction, in the hope that most of it sticks.
But how these steps are taken is just as important for a business as taking these steps at all.
The simple fact is, the average user is feeling the burden of IT security. Combining a constant flow of security messages with a high level of tech jargon, means users are becoming desensitised to cyber security.
Clearly, the old "watch out for this and that" isn't cutting it anymore - security awareness needs to be smarter. So, let's dig into some of these fatigue-related issues and look at how your users can overcome them...
1. Make authentication life a little easier (and more secure)
On average, we have 22 separate passwords in both our personal and professional life (although we've probably forgotten half of these). That might sound like a lot of passwords, but 91% of us still the same password across multiple sites.
Cyber security fatigue has ultimately encouraged many users to choose the shortcut. Rather than remembering a bunch of character-sensitive passwords, employees are choosing the easy option of reusing the same credentials - weakening the security process.
So instead of relying on our rusty memory or, even worse, post-it notes (*shudders *), arguably the best solution is to encourage the use of a password manager. Modern password managers allow you to synchronise all of your accounts between laptops and mobile devices. It is also one of the easiest ways to create unique and difficult to guess passwords, and also helps avoid those headache-prone reset procedures.
2. Less time updating, more time automating
We all get a host of notifications from all types of apps. There's always the need to approve an update, enter a new password, run a virus scan, ensure that your files are backed up. The list can go on and on.
The best way to avoid these constant requests is to encourage users to automate as much as they can. For instance, antivirus applications have an option to automatically download new updates to their virus definitions (it's worth noting that some antivirus apps have this enabled by default, so you might not have to worry about it!).
Scheduling different levels of scans to happen at regular times is also useful, as you don't have to worry about trying to remember the last time you scanned your computer. You can even set this in the middle of the day (if your antivirus isn't a huge resource hog).
Implementing these will ensure that fewer notifications will be sent to yourself or your employees, meaning that productivity isn't hindered by these draining pop-ups.