Technology

Cybersecurity: Don’t let “security fatigue” confuse you!

“People tell themselves that it is difficult and that the attackers always manage to carry out attacks. So they come to the conclusion that they can’t do anything about it.” (Photo: 123RF)

LA TECHNO PORTE CONSEIL is a section where you will learn about platforms, new tools or new features that you can easily and quickly implement in your daily work, as well as talk about current technology trends.

TECHNO DOOR CONSULTATION. Last week I described password managers as simple tools for protecting your information online. Despite their benefits, they have a low acceptance rate. Les Affaires is trying to figure out why people flirt casually when it comes to cybersecurity.

There appears to be a sense of “security fatigue” at work, according to Benoit Dupont, professor at the University of Montreal’s School of Criminology and Chair of Canada’s Department of Cybersecurity Studies. “We’ve been telling people to do the same thing for years, but in a very vague and very vague way.”

It makes people wonder if it’s really worth it, the professor says, especially since implementing new tools like password managers is time-consuming, but also mentally demanding. “We have to integrate them into everything we do.”

Too much is not enough

Information overload about cyberattacks exacerbates this fatigue. “People get the impression that they can do little alone because they are bombarded daily with information about all the risks, all the attacks and all the threats,” explains Benoit Dupont.

In his opinion, this may have the psychological effect of learned helplessness. “People tell themselves that it is difficult and that the attackers always manage to carry out attacks. So they come to the conclusion that they can’t do anything about it.”

There will also be an aspect where people hear about cybersecurity but aren’t necessarily worried about the issue, said Sébastien Gambs, professor in the Department of Computer Science at the University of Quebec in Montreal. “They tell themselves they won’t get hurt.”

Added to this is the fact that there is no major preventive campaign, as in public health, continues Benoit Dupont. “It doesn’t help people determine the apps they should be using.”

Business Risk Communication

While adding certain cybersecurity methods can make the workflow more cumbersome, as two-factor authentication does, Benoit Dupont believes that this only causes problems if the reasons for adding are not properly explained.

“You have to explain how hackers get access to email and systems,” he continues. [En faisant cela]even if using these solutions slows things down a bit, it’s pretty easy to protect them from attacks that can be devastating.

Therefore, it is necessary to communicate the risk in order to avoid resistance to adoption. “Change needs to be managed to explain the relative benefits, but also the absolute ones,” explains Benoit Dupont.

Therefore, companies must respond to the following statement: what risks does the new tool protect and with what degree of effectiveness.

In order not to miss this event, get “La techno porte conseil” in your mailbox!


.

Back to top button