More than half admit to ignoring cybersecurity alerts due to information overload at work

More than half of today’s office workers are ignoring important cybersecurity warnings due to being overwhelmed and fatigued from digital communication.

  • Wednesday, 29th November 2023 Posted 11 months ago in by Phil Alsop

New research from CybSafe has shed light on an alarming trend in today’s workplaces. Digital overload and multiple new communication channels are not only reducing productivity but are leading to a decline in engagement with cybersecurity training. As a result, people are increasingly ignoring cybersecurity notifications and are more likely to display risky cybersecurity behaviours like clicking on phishing emails or ignoring notifications to turn on Multi-Factor Authentication (MFA).

More than half (54%) of today’s office workers are ignoring important cybersecurity alerts and warnings due to information overload from digital communication. 47% admitted to feeling the information overload is having an impact on their ability to identify threats such as suspicious emails.

With 72% confirming they feel at least occasionally overwhelmed with the amount of information and communications they get at work, it’s little wonder cybersecurity engagement is being impacted as a result. Today's workers are frequently interrupted by the buzz of notifications, reminders, and messages on various platforms.

The new research is released as ICO data indicates a 41% year-on-year increase in data security incidents reported to the body between Q2 2022 and Q2 2023. Cyber incidents (a type of breach with a clear online or technological element which involves a third party with malicious intent.) saw a significant 157% increase over the same period, with ransomware and malware events seeing particularly prominent increases of 241 and 550%, respectively.

As cyber threats evolve and increase in complexity, the implications of these trends are concerning. Risks range from individual data compromises to significant business data theft.

Worryingly, the survey of 1000 office workers uncovered important cybersecurity warnings are going unnoticed. The digital deluge is affecting employees’ ability to spot cyber dangers. 41% feel information overload is impacting their ability to retain and apply knowledge gained from cybersecurity training sessions - a fact being displayed by people’s self-reported security behaviours.

Daily habits show a slip in safe actions and higher engagement in risky behaviour.

36% admit to occasionally cutting corners on cybersecurity practices

7% admitted they often skip steps like using safe networks or setting strong passwords, all in the name of saving time

Less than 1 in 4 employees - 23% - report being engaged with their cybersecurity training. And 41% say there's just too much information to remember and use. This shows that companies need to stop and consider better ways to help employees change their behaviour and engage with cybersecurity. If the end goal of an organisation’s cybersecurity programme is culture change, access to training in itself is not evidence the training is being consumed or internalised within the workforce. There is more work to be done on how and where leaders are communicating cybersecurity best practices to their workforce.

The survey lays bare the obstacles hindering cybersecurity training. The top barriers:

Time constraints (42%)

Interest and motivation (30%)

Complexity of training materials (15%)

No direct relevance to daily roles (10%)

The research also found 77% of people expect their digital experiences to be as frictionless and personalised as consumer experiences. This suggests leaders need to do more if they want to see stellar cybersecurity engagement within their workforce.

Oz Alashe MBE, CEO of CybSafe, reacted to the research, stating, "As time goes on, organisations understand the question ‘do our people have access to cybersecurity information?’ is the wrong one. Instead, many are now asking, ‘How do we give cybersecurity support in a way that will engage workers and lead to genuine behavioural change?’

“We must empathise with the workforce of today. Employees are caught in an erratic stream of emails with varying levels of importance and instant messages on multiple platforms, not to mention social media-it isn’t surprising cybersecurity information is getting lost along the way. Importantly, however, this inconsistency isn't merely inconvenient or irritating— it's actively undermining the goal of informed cybersecurity behaviour. This is the issue we now need to tackle as security professionals.”

“As a result, CISOs need to consider not only the material their people are consuming but on what platform it is being delivered to them and in what way.”

The promise of AI is on every biopharma’s radar, but the reality today is that much of the industry is grappling with how to convert the hype into...
IT teams urged to resolve ‘data delays’ as UK executives struggle to access and use relevant business data.

‘Playtime is over’ for GenAI

Posted 3 days ago by Phil Alsop
NTT DATA research shows organizations shifting from experiments to investments that drive performance.

GenAI not production-ready?

Posted 3 days ago by Phil Alsop
Architectural challenges are holding UK organisations back - with just 24% citing having sufficient governance to implement GenAI.

AI tops decision-makers' priorities

Posted 3 days ago by Phil Alsop
Skillsoft has released its 2024 IT Skills and Salary Report. Based on insights from more than 5,100 global IT decision-makers and professionals, the...

The state of cloud ransomware in 2024

Posted 3 days ago by Phil Alsop
Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security realm.
Talent and training partner, mthree, which supports major global tech, banking, and business clients to build job-ready teams, has revealed the...

AI innovation is powering the Net Zero transition

Posted 3 days ago by Phil Alsop
Whilst overall AI patent filings have slowed, green AI patent publications grew 35% in 2023.