Increasingly risky computer behaviour blamed on user ‘security fatigue’
Computer users are increasingly turning to risky behaviour as a result of ‘security fatigue’, according to a new study
The US National Institute of Standards and Technology (NIST) found that the majority of their participants would often experience fatigue when forced to navigate computer security.
Users that are regularly confronted with verification steps, asked to accept numerous agreements or forced to remember multiple passwords complain of weariness and develop a lack of interest in cyber-security, findings suggest.
"I don't pay attention to those things anymorePeople get weary from being bombarded by watch out for this or watch out for that'," said one study participant.
Speaking to NIST, computer scientist and co-author Mary Theofanos said: "Years ago, you had one password to keep up with at work. Now people are being asked to remember 25 or 30."
We haven't really thought about cyber-security expanding and what it has done to people," said Theofanos.
The study, published in IEEE IT Professional, collected qualitative data using participants from a variety of age groups, locations and occupations. The research panel assessed typical computer behaviour and found that the majority of subjects felt overwhelmed.
NIST also identified feelings of helplessness and resignation, particularly when large corporations are hacked and data is stolen. TalkTalk was recently given a record fine after a security breach in 2015 allowed hackers to access personal details of over 156,000 users.
Ed Macnair, CEO of CensorNet, told IT Pro thatThe security industry and businesses need to work to instil confidence in the public, as well as encourage them to make security a priority.
"Security might appear complex and time consuming, but it really isn't. The public needs to be educated on how simple and quick things like password managers are. More organisations need to force people to use these tools so that it becomes the new normal to use," said Macnair.