How much alarmism is too much when it comes to digital security? The answer isn’t clear, whether the question is focused on how governments should respond to attacks or on how consumers should consider their own security in an increasingly unsafe world.
What is clear is that security products shouldn’t cry wolf every time they detect a modest threat to someone’s computer. A new survey shows that the practice of notifying people about even the least-important of digital problems often overwhelms many consumers.
It’s a bit like dealing with a first-time parent. Because it’s not clear what constitutes a real threat and what’s actually harmless, a lot of software goes for broke and starts doing the antivirus equivalent to baby-proofing a cupboard or asking guests to wear surgical masks.
Funnily enough, the process actually makes consumers act more like experienced yet exhausted parents willing to let their children bungee jump off a roof if it means they’ll shut up for a while. As problematic as the first approach is, this second option can be even more dangerous.
The result, at least so far as security software is concerned, is a deluge of notifications that end up being ignored because people can’t handle the sheer number of viruses and other nasty bits of malware constantly threatening their precious computers’ health.
And that’s how you end up with problems like the Target customer data breach, which is said to have tripped an alarm on the company’s security software that went ignored because countless notifications were sent to the company’s information technology team.
Perhaps anti-virus software should seek to be like the parent of a second child instead of a first or third loin-spawn: experienced enough to recognize real threats instead of losing it over every mention of “germs” but not so exhausted that they just don’t care anymore.