The Battle Against Breach Fatigue: Driving Employee Engagement in Data Breach Preparedness

Published: March 15, 2018 by Michael Bruemmer

The Identify Theft Resource Center reported 159 data breaches occurred in just the first two months of 2018 – that’s more than two incidents each day from Jan. 1 to Feb. 28. The prevalence of cyberattacks leaves little wonder why consumers and organizations alike are experiencing “breach fatigue,” or becoming indifferent about the impact of a data breach because they occur so frequently. With an ever-expanding roster of high-profile data breaches and an increased sense of inevitability, many organizations have become apathetic about preparedness and engagement.

When it comes data breach vigilance, even the most sophisticated of defenses prove fruitless if businesses can’t prevent response teams from becoming desensitized to threats. Normalizing data breaches or rationalizing the inevitability of one occurring without ensuring preparedness is in place poses a significant risk to a company’s customers, their bottom line, and their brand’s reputation.

To prevent breach fatigue from spreading through your organization, encourage employees to keep security top of mind by implementing the following best practices:

  • Maintain Transparency and Awareness. Transparency and accuracy are critical for articulating the realities of data breaches to employees. Implementing an ongoing educational program helps your employees recognize threats and promotes a more secure, risk-conscious culture throughout your organization.
  • Distinguish Threat Level and Type. Not all breaches are created equally, which is why employees must know how to distinguish among the various forms of cyber threats. For example, employees should understand the different repercussions that come from a data breach that compromises Social Security numbers versus one that accesses email addresses.
  • Ensure Consistency. Your company’s security practices should be reiterated to employees at every level and often. By ensuring everyone from the top executives to the entry-level staff has a total understanding of procedures, employees will keep security top of mind and be able to implement the appropriate course of action if needed.
  • Know the Warning Signs. When employees adopt an impassive approach to data breach prevention, they risk overlooking impending attacks or threats. Staying attuned to employee attitudes toward cybersecurity procedures in addition to conducting regular drills and reinforcing the importance of preparation can save your company valuable resources.

In today’s data breach landscape with the escalating scale and sophistication of attacks, it’s not uncommon for a sense of passivity to take root within a company. If left untreated, breach fatigue can lead to a reactive approach to security breaches, rather than one that is proactive. Through ongoing vigilance and communication, as well as continual refinement of security practices, you can ensure your employees are best positioned to recognize and prevent attacks and mitigate risk for your entire organization.