“Cybersecurity breach” is a scary term that causes corporate boards to retreat into their shells and executives to shake in their boots. It is synonymous with “malicious actor” and “PR nightmare” “lost revenue.” Not to mention “fired.”
However the word no longer seems to be a synonym for “newsworthy.”
Reporters are no long interested in covering data breaches. I believe that because of the significant uptick in breaches, reporters and their editors are frankly just sick of it.
It’s a phenomenon I refer to as ‘data breach fatigue.’
A cursory Google will tell you that I have not created this term, although I offer present a new definition. (The term is usually used to refer to the American public’s fatigue in hearing about the constant threat to their personal data online.)
A contributed piece in Government Technology Magazine last year kicked off its warning of data breach fatigue by saying:
It wasn’t always this way. When the Target data breach occurred in 2014, the media landscape exploded. This was essentially the first major public data breach to be profiled, and it further benefited from the fact that the data stolen was not social media passwords or demographic marketing data like birth dates.
It was credit card numbers. The one piece of financial data that the consumer population already knew was at risk. And boy did they lose it when all 110 million Target shoppers found out.
Coverage of the story occurred for months. The CIO and CEO of Target both “resigned” (cough* took the fall *cough) their earnings dropped 46% as the company lost $440 million in profits, and PR professionals in the tech space got something huge to pitch for the next few months – or years in some cases, depending on the relative lack of creativity in some instances.
How far we have come.
As I write this sentence, it has been three days since TechCrunch reported the Texas-based financial data and analytics company Ascension suffered a major data breach. Over 24 million bank loan and mortgage documents have been exposed. SC Magazine, BankRate and PYMNTS also wrote pieces. That’s it.
The communications team at Ascension should be toasting the media’s ambivalence – despite the potential dangers. Using personal info from the Facebook breach, professional information from the LinkedIn breach, and social security numbers from the Equifax breach.
The silence is deafening
But don’t be mistaken. Cybersecurity is still one of the hottest topics in the media. It’s on top of everyone’s mind and the conversation is not getting less complicated.
TechRepublic insists that we will see more CEOs getting fired over data breaches than ever before. They have not yet covered the Ascension breach.
ZDNet illustrates how companies that suffer data breaches are underperforming in the stock market in the long run. They have not yet covered the Ascension breach.
Wired points out that as the government shutdown continues the country’s exposure to cyber threats increases. They have not yet covered the Ascension breach.
In Wired’s defense, they did report that the Twinning app everyone used that day a couple of weeks ago leaked a bunch of selfies, which is undeniably a much sexier story.
We still are talking about cyber
We still NEED to talk about cyber. And we are still all talking about data breaches, just in the abstract.
The conversation around cyber has shifted to future-looking themes. We’re done with the sameness and opacity that remains from one breach to the next. And the lack of any tangible punishments for truly negligent companies. It’s all about what is going to happen next.
So, for my fellow communications professionals that are trying to publish commentary around the latest data breach, spend your efforts elsewhere. You’re boring the reporters.
Hugh Cunningham is an account manager in New York