数据泄露疲劳

随着网络攻击频率的增加, 消费者可能会遭受数据泄露疲劳, a term used to describe the apathy present as breaches become more commonplace. 仅2020年就有155个.8 million individuals were affected by data exposures, potentially leading consumers to become desensitized to news of a breach and unmotivated to protect themselves. 事实上, recent research from RAND Corporation found that following a data breach, only half of the survey respondents changed their passwords or personal identification numbers, and 1 in 5 respondents didn’t take any action at all.

While consumers may have become weary of data exposure, 组织 cannot afford to suffer from data breach fatigue and must remain diligent in their cybersecurity efforts. 不过, 84% of North American chief information security officers believe that cybersecurity breaches are inevitable, 根据卡巴斯基实验室的研究.

Normalizing data breaches or rationalizing their inevitability can pose significant harm to an organization’s customers, 底线与声誉. This article discusses the repercussions of data breach fatigue on 组织 and the steps 组织 can take to ensure they don’t become complacent to cybersecurity needs.

数据泄露疲劳的风险

Organizations that have become desensitized to the seemingly never-ending stream of cyberattacks are at risk of suffering major losses. Data breach fatigue and surrendering to the “inevitable” can result in severe damage, including:

  • 失去信任—Consumers may not trust 组织 that are affected by data breaches. A study by the Poneman Institute found that nearly one-third of respondents stopped doing business with companies following a data breach.
  • 损失的钱-数据泄露的代价可能很高. According to IBM, the average cost of a stolen record is $148. 数百万条记录被泄露, it can become quite expensive for companies to recover.

Data breaches also tend to affect small businesses more severely than large corporations. According to the National 网络 Security Alliance, 60% of small businesses fail within six months following a data breach, typically due to significant financial and reputation damages.

预防措施

The constant threat of cyberattacks can be overwhelming for 组织 and their employees, 导致自满和疲劳. Organizations must stress the importance of cybersecurity to their employees to limit the possibility and impact of a breach. Organizational leaders can take the following actions to help prevent data breach fatigue from spreading to employees:

  • 保持透明度和意识-让员工参与网络安全, 组织 must be transparent and build awareness about the subject. Ongoing educational programs can help employees identify threats and promote a more secure, 对风险高度敏感的工作环境.
  • 区分威胁级别和类型—Burnout may occur if every issue is treated with the same level of urgency. Establish a hierarchy of threat levels so that employees understand the different repercussions that arise from each type of breach.
  • 确保一致性—Security practices should remain consistent throughout every level of an organization. Top executives and entry-level staff alike should have the same understanding of cybersecurity procedures.

In addition to educating the workforce on cybersecurity, 组织 should work to prevent data breaches from occurring in the first place. 为防止数据泄露,各机构应:

  • 检查网络安全政策—Ensure the cybersecurity measures in place are sufficient at preventing breaches. Address policies every time a new vulnerability is identified.
  • 保持软件更新—Install the latest software updates on all company laptops, smartphones and networks to help ensure that malware and virus protection is current.
  • 备份数据—Data should be encrypted and backed up to secure cloud storage.

如果发生数据泄露, 组织 should initiate their incident response plan to reassure customers and limit the damage.

还记得, 组织, employees and consumers must remain vigilant to fight off data breach fatigue in today’s connected world. By maintaining a positive security culture and staying alert, 组织 can minimize the occurrence and damage of data breaches.

For additional risk management guidance and insurance solutions, 今天联系韦德1946官网. 韦德1946.

评论是封闭的.

This website provides only a simplified description of coverages and is not a statement of contract. 保险范围可能并不适用于所有州. 查阅保险范围的详细资料, 条件, 限制, 以及未承保的损失, 一定要看一下政策, 包括所有支持, 或招股说明书, 如果适用的话.