Is news of a data breach becoming “white noise”? Thanks to the sheer frequency of data breaches, the general attitude toward online security is becoming more “Meh” than “OMG.” That attitude, called breach fatigue, only ups the risk to our sensitive data.
A new survey from the National Telecommunications and Information Administration (NTIA) explains how breach fatigue has spread. From the US consumer’s perspective, the survey notes that concerns about when and where we share personal data – financial, healthcare or otherwise – is very different than it was two years ago. If attitudes have changed so much toward our own data privacy, how does it translate to the workplace, when it’s someone else’s sensitive data?
5 Ways to Guard against Breach Fatigue
1. Make cybersecurity part of the fabric of your organization. If your workforce is the front line of sensitive data defense, their attitude towards data security needs to be, “This is how we do it.” Cybersecurity is everyone's job - not just IT's. 2. Security awareness training needs to be conducted frequently. It's easy to forget what a phishing email looks like, or why you should think before you click when you are only trained once a year. Up your security awareness training schedule to at least once a month. 3. Talk about security basics in simple, easy-to-understand language. Jargon can be confusing and intimidating. An employee may not know what 'spear phishing' is and isn't comfortable asking for an explanation. Simpler messages have greater resonance, are easier to remember, can be shared more easily and are more likely to be acted upon. 4. Make real-world data breaches personally relatable. A simulated phishing email campaign can be designed to look like a UPS tracking file or a trending lip sync video – and a simple hesitation to click could protect thousands of data records. Including their own. 5. Remind employees that not everyone has the same access to sensitive data. Also, that what they think of as harmless sharing is anything but. When they understand how what they do relates to what they see and why, the light bulb comes on.
The loss of personal data privacy and security cannot become white noise. Connecting the dots between the personal impact of losing your private data and why there’s a need to protect the sensitive data of thousands of people you don’t know, may just help combat breach fatigue.
Want more ideas on how to help your employees protect sensitive data? Download our tip sheet.
Not sure where to start?
The NIST Guide can help. We can also provide you with a free copy of Ostendio’s password policy, as an example. Just contact us at firstname.lastname@example.org.
Avoiding the Hidden Pitfalls of Security Audits
In this webinar, see the 5 most common pitfalls of security audits and learn how you can avoid them with the power of MyVCM CrossWalk Assessments.