Latest Articles
As AI becomes more common in legal practice, many professionals are discovering an unexpected challenge: their tools don’t always work together. A typical day for an Australian lawyer might involve switching...
Kiren Chitkara , Legal Writer, Practical Guidance Succession Chloe Silvester , Head of General Practice, Practical Guidance November 2025 marks one of the most significant transformations in Australia...
For decades, LexisNexis ® has defined legal research. But research is just the beginning. Today, we’re transforming the entire legal workflow, evolving from a research provider into a technology partner...
Authored by Seeta Bodke, Head of Product - Pacific, LexisNexis® Legal & Professional We all know the stories: briefs cited fake cases. Submissions with phantom judgments. Entire arguments are built on...
Capital Monitor™ Editorial by Keely Garcia A single week in November 2023 saw four women lose their lives in South Australia amid domestic and family violence, an alarming record across any Australian...
Cybersecurity is a growing concern for businesses of all sizes. Hacks and data breaches are becoming more common and more complex. While no business is expected to be invincible against cyber attack, they are expected to be fully prepared and to take all practicable steps to prevent breaches from happening.
The Office of the Australian Information Commissioner reported a total of 245 data breaches affecting personal information between July and September 2018. It also reported that human error was a contributor in 37% of these cases—making people one of the most significant risk factors to any business’s digital security.
What is cybersecurity fatigue?
Cybersecurity fatigue refers to a decreasing awareness or interest in cybersecurity and a correlating increase in risky behaviour. It frequently occurs when people feel overloaded by too much information, fail to see the potential consequences of not maintaining good security, and begin to switch off. One of the most common examples of cybersecurity fatigue is people using the same password across multiple sites or portals.
Data breaches can result in huge financial and reputational damage for businesses, so it’s imperative that your digital defences are as strong as possible. With that in mind, here are a few strategies to minimise cybersecurity fatigue in your business.
Educate
Education and empowerment is the single most important aspect in reducing cybersecurity fatigue. Employees must be educated on the business’s cybersecurity controls and empowered to speak up if they feel that these are lacking, or suspect anything untoward. Frequently sharing updated knowledge, not only about the organisation’s general processes, but also the specific types of data the business holds and any additional protocols that may apply, will establish a broader sense of responsibility amongst all employees.
Run Drills
People must be continuously trained through exercises like phishing tests and incident response drills. Phishing tests are a great way to gamify your cyber defences—spotting the test phishing emails will prime employees for when the real thing happens and encourage them to report it, rather than just delete the email. Similarly, educating employees on the different types of breaches and then running breach scenarios (enacting the breach response process in real-time) is a great way to tighten defence and keep employees engaged.
Recruit a hacker
A particularly eye-opening way to highlight vulnerabilities in an organisation’s cyber defences is to hire a ‘white hat’ hacker. White hat hackers are paid by companies to try to break into their systems—though they stop short of actually stealing data. White hat hackers use various tactics from standard phishing to social engineering or employee impersonation to gain access—anything a malicious hacker would do. Through this, employees can see exactly how weak security can lead to easy access—and just what is at stake!
Know your obligations
Different types of data have different obligations attached to them. Similarly, different pieces of legislation (such as Australia’s Notifiable Data Breach scheme) require certain actions of businesses in the event of a breach. Having thorough knowledge of relevant obligations helps employees to quickly cut through the noise and discern what is or is not relevant to them in the busy cybersecurity landscape. This allows for a more efficient, organised approach to cybersecurity across the business as a whole.
Streamline your systems
Many businesses have data housed across multiple systems and platforms, with many people in charge—making it difficult to keep track of exactly what’s going on. Undertaking an audit of these systems and processes allows a business to corral its data. This can help with identifying any unnecessary duplications, systemic weaknesses, or employees who have access that don’t actually require it. Regular audits of this kind should be part of any organisation’s security hygiene and help to ensure that cybersecurity responsibility is allocated only where it needs to be.
As businesses become more digital-dependent, the threat of data breaches or other malicious hacks will continue to grow. Thus, it is imperative that all employees are aware of what it takes to protect the business and maintain those practices at all times. By using the techniques above, organisations can combat cybersecurity fatigue and minimise the damage from potential incidents in the future.
For more information on cybersecurity, types of data, data breaches and data obligations, sign up to LexisNexis Practical Guidance: Cybersecurity, Data Protection and Privacy.
From simple search to analysis and insight, the powerful intelligence of Lexis Advance sits at the heart of many of LexisNexis legal solutions. Access exactly what you need with a single subscription.