Cyber security engagement hampered by information overload

Digital overload and multiple communication channels are leading to a decline in engagement with cyber security training. That’s according to new research from cyber security education firm CybSafe. It found that more than half of 1000 surveyed office workers ignore important cyber security warnings due to being overwhelmed and fatigued from digital communication, with 47 percent stating that information overload is having an impact on their ability to identify threats such as suspicious emails. Overall, less than a quarter of workers are “very engaged” with their cyber security training.

Almost one in four (38 percent) of cyber security professionals say they struggle with a lack of company-wide training or understanding of cyber security, Cyber Security Hub research has found. The research, which was conducted from February to May 2023, also found that other top challenges for cyber security professionals included a failure to integrate cyber security into company culture (37 percent).

Alert fatigue and digital deluge affect employees’ ability to spot cyber threats

Alert fatigue and “digital deluge” are affecting employees’ ability to spot cyber dangers, CybSafe’s research found. Forty-one percent of respondents said that information overload is impacting their ability to retain and apply knowledge gained from cyber security training sessions. As a result, 36 percent admitted to occasionally cutting corners on cyber security practices, with 7 percent often skipping steps like using safe networks or setting strong passwords in the name of saving time.

The survey laid bare the obstacles hindering cyber security training with time constraints (42 percent), interest and motivation (30 percent), complexity of training materials (15 percent) and no direct relevance to daily roles (10 percent) the most cited. The research also found that 77 percent of people expect their digital experiences to be as frictionless and personalized as consumer experiences, suggesting security leaders must do more to improve workforce cyber security engagement.

Important cyber security information is being drowned out

In the current fast-paced digital environment, important cyber security information is being drowned out, said Dr Jason Nurse, director of science and research at CybSafe. “Organizations need to understand their people, their environments and how they prefer to receive information so it is helpful, not hindering.” Cyber security training experiences need to be more than informative – they must challenge, engage and weave into the everyday digital lives of individuals, he added. “More than that, they must be non-events, small insights, delivered in a simple way, tailored to the needs of that person.”

Security leaders must empathize with the workforce of today that is caught in an erratic stream of emails with varying levels of importance and instant messages on multiple platforms, said Oz Alashe MBE, CEO of CybSafe. “This inconsistency isn’t merely inconvenient or irritating – it’s actively undermining the goal of informed cyber security behavior. This is the issue we now need to tackle as security professionals.”

Learn more about cyber security training with Cyber Security Hub’s Guide to the best courses around the world