Increasingly risky computer behaviour blamed on user ‘security fatigue’

Computer users are increasingly turning to risky behaviour as a result of ‘security fatigue’, according to a new study

The US National Institute of Standards and Technology (NIST) found that the majority of their participants would often experience fatigue when forced to navigate computer security.

Users that are regularly confronted with verification steps, asked to accept numerous agreements or forced to remember multiple passwords complain of weariness and develop a lack of interest in cyber-security, findings suggest.

"I don't pay attention to those things anymorePeople get weary from being bombarded by watch out for this or watch out for that'," said one study participant.

Speaking to NIST, computer scientist and co-author Mary Theofanos said: "Years ago, you had one password to keep up with at work. Now people are being asked to remember 25 or 30."

Advertisement - Article continues below
Advertisement - Article continues below

We haven't really thought about cyber-security expanding and what it has done to people," said Theofanos.

The study, published in IEEE IT Professional, collected qualitative data using participants from a variety of age groups, locations and occupations. The research panel assessed typical computer behaviour and found that the majority of subjects felt overwhelmed.

NIST also identified feelings of helplessness and resignation, particularly when large corporations are hacked and data is stolen. TalkTalk was recently given a record fine after a security breach in 2015 allowed hackers to access personal details of over 156,000 users.

Ed Macnair, CEO of CensorNet, told IT Pro thatThe security industry and businesses need to work to instil confidence in the public, as well as encourage them to make security a priority.

"Security might appear complex and time consuming, but it really isn't. The public needs to be educated on how simple and quick things like password managers are. More organisations need to force people to use these tools so that it becomes the new normal to use," said Macnair.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
cyber security

If not passwords then what?

8 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020