Cyber Risks & Liabilities

As the frequency of cyberattacks rises, users may experience data breach fatigue, a term used to describe the apathy that occurs as breaches become more prevalent. In 2020 alone, 155.8 million people were affected by data breaches, potentially leading to customers being desensitized to news of a breach and uninspired to protect themselves. In reality, according to recent RAND Corporation research, only half of survey respondents changed their passwords or personal identification numbers after a data breach, and one in five did not take any action at all.

While customers may have grown tired of data breaches, businesses cannot afford to become complacent in their cybersecurity efforts and must maintain vigilance. Nonetheless, according to Kaspersky Lab study, 84 percent of North American chief information security officers believe that cybersecurity incidents are unavoidable.

Normalizing or justifying data breaches can have serious consequences for an organization's customers, bottom line, and reputation. This article discusses the repercussions of data breach fatigue on organizations and the steps organizations can take to ensure they don't become complacent about cybersecurity needs.

Risks of Data Breach Fatigue

Organizations that have become desensitized to the seemingly never-ending stream of cyberattacks are at risk of suffering major losses. Data breach fatigue and surrendering to the "inevitable" can result in severe damage, including:

  • Loss of trust—Consumers may not trust organizations that are affected by data breaches. A study by the Poneman Institute found that nearly one-third of respondents stopped doing business with companies following a data breach.
  • Loss of money—Data breaches can be costly. According to IBM, the average cost of a stolen record is $148. When millions of records have been compromised, it can become quite expensive for companies to recover.

Data breaches also tend to affect small businesses more severely than large corporations. According to the National Cyber Security Alliance, 60% of small businesses fail within six months following a data breach, typically due to significant financial and reputation damages.

Preventive Measures

The constant threat of cyberattacks can be overwhelming for organizations and their employees, resulting in complacency and fatigue. Organizations must stress the importance of cybersecurity to their employees to limit the possibility and impact of a breach. Organizational leaders can take the following actions to help prevent data breach fatigue from spreading to employees:

  • Maintain transparency and awareness—To get employees involved in cybersecurity, organizations must be transparent and build awareness about the subject. Ongoing educational programs can help employees identify threats and promote a more secure, risk-conscious work environment.
  • Distinguish threat level and type—Burnout may occur if every issue is treated with the same level of urgency. Establish a hierarchy of threat levels so that employees understand the different repercussions that arise from each type of breach.
  • Ensure consistency—Security practices should remain consistent throughout every level of an organization. Top executives and entry-level staff alike should have the same understanding of cybersecurity procedures.

In addition to educating the workforce on cybersecurity, organizations should work to prevent data breaches from occurring in the first place. To prevent data breaches, organizations should:

  • Review cybersecurity policies—Ensure that the security measures in place are adequate to prevent breaches. Address policies every time a new vulnerability is identified.
  • Maintain software updates —Install the latest software updates on all company laptops, smartphones, and networks to help ensure that malware and virus protection is current.
  • Back up data—Data should be encrypted and backed up to secure cloud storage.

If a data breach occurs, organizations should initiate their incident response plan to reassure customers and limit the damage.

Remember, organizations, employees and consumers must remain vigilant to fight off data breach fatigue in today's connected world. By maintaining a positive security culture and staying alert, organizations can minimize the occurrence and damage of data breaches.

For additional risk management guidance and insurance solutions, contact INSURICA today.

This Cyber Risks & Liabilities document is not intended to be exhaustive nor should any discussion or opinions be construed as legal advice. Readers should contact legal counsel or an insurance professional for appropriate advice. © 2021 Zywave, Inc. All rights reserved.

About the Author

INSURICA
INSURICA

Share This Story

Stay Updated

Subscribe to the INSURICA blog and receive the latest news direct to your inbox.

Related Blogs

Making an Acquisition? Why the EMOD Shouldn’t Be Overlooked

August 18th, 2025|Blog, Construction, southwest, Trending|

When acquiring another company, there’s no shortage of factors to consider. From valuing physical assets to estimating potential synergies, the due diligence process can be complex. However, one critical element often overlooked is the EMOD.

2026 Employer Mandate Update

August 14th, 2025|Blog, Employee Benefits, Trending|

In July 2025, the IRS released new guidance increasing both the affordability percentage and penalty amounts under the Affordable Care Act’s employer mandate for the 2026 plan year. These changes will affect how Applicable Large Employers (ALEs) determine affordability and assess compliance risk moving into the next benefits cycle.

Facility Rental: Best Practices for Non-School Use

August 13th, 2025|Blog, Education|

As community hubs, school districts often open their doors to outside organizations for events, activities, and gatherings. This facility rental for non-school use can benefit the community, but it also comes with potential risks. School administrators must take proactive steps to protect district property, reduce liability exposure, and ensure compliance with state laws.

Go to Top