Endpoint

5/2/2018
10:15 AM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

Breaches Drive Consumer Stress over Cybersecurity

As major data breaches make headlines, consumers are increasingly worried about cyberattacks, password management, and data security.

A few years ago, many people didn't talk about cybersecurity or even pay much attention to it. These days, it's a growing source of stress among consumers, who rely on several devices and businesses to protect their data and regularly read reports about major companies getting breached.

More than 80% of Americans, and 72% of Canadians, admit they've experienced stress due to news of data breaches, according to a new report on consumer levels of "cyber stress" conducted by Opinion Matters and sponsored by Kaspersky Labs. Researchers polled 2,515 Internet users over the age of 16 to gauge the effects of digital security on their stress levels.

It's the first time this study has been conducted; however, it follows a gradual and definitive shift in consumer awareness driven by more-frequent reports of cybercrime. The Identity Theft Resource Center says 1,579 data breaches were reported in 2017, marking a 45% increase from the previous year and the highest number since it started tracking this information.

People are thinking more critically about their data and what they can do to protect it. Three-quarters say protecting their devices from cybercrime has caused them stress.

"When cyberattacks and breaches started becoming a regular occurrence in the news, it seemed to be a wake-up call for many consumers to realize that a cybersecurity issue could personally impact them," says Brian Anderson, vice president at Kaspersky Lab North America.

The turning point, he notes, was the spike in attacks hitting companies people knew and frequented. When large breaches hit Target, Home Depot, and eBay in 2013 and 2014, it made the consequences of poor data security more tangible for consumers affected.

However, the most common sources of stress are not massive one-time breaches, says Anderson. It's the idea that people have to protect their information all the time because these events could happen at any moment. They understand the real-life effects of a data breach, such as identity theft and monetary loss, and have to protect more devices and accounts.

Respondents ages 25 to 34 were most likely to have had a security issue — virus, ransomware, malicious links, or emails — in the last five years. Nearly 60% of this age group reported one of these problems, compared with 46% of respondents overall. Nearly half of those ages 16 to 24 feel stress over password management, compared with one-quarter of participants older than 55.

"These [younger] age groups faced a comparable amount of cybersecurity issues, but because young people are often managing more passwords and more devices than older generations, cybersecurity is causing them a greater amount of stress," Anderson explains.

Consumers who have experienced cyberattacks are more likely to worry about them. Of those who reported an issue, one-third agreed they find it stressful to protect all of their devices.

There is a silver lining to the stress. As people become more aware of the need for security, they're adopting tools like password management software to keep track of their data. Anderson says consumers are becoming more aware of where they share their data, as well as the applications and services that may have more access than is necessary.

Respondents are least willing to share information with social networks (33%), mobile payment services (29%), banking apps (25%), and messaging apps (17%), but they're also hesitant to share with friends and family. Nearly half (49%) would trust a partner with a username and password; the same amount would share answers for security questions.

That said, greater stress doesn't necessarily mean people are taking more precautions. Fourteen percent of Americans and 6% of Canadians admit they have experienced four or more cybersecurity issues in the last five years. While they could blame bad luck, researchers say this level of frequency may also indicate failure to adopt security measures.

Related Content:

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/12/2018
Empathy: The Next Killer App for Cybersecurity?
Shay Colson, CISSP, Senior Manager, CyberClarity360,  11/13/2018
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-9209
PUBLISHED: 2018-11-19
Unauthenticated arbitrary file upload vulnerability in FineUploader php-traditional-server <= v1.2.2
CVE-2018-9207
PUBLISHED: 2018-11-19
Arbitrary file upload in jQuery Upload File <= 4.0.2
CVE-2018-15759
PUBLISHED: 2018-11-19
Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 contain an insecure method of verifying credentials. A remote unauthenticated malicious user may make many requests to the service broker with different credentials, allowing them to infer valid credentials and gain access to perfo...
CVE-2018-15761
PUBLISHED: 2018-11-19
Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that escalates their privileges...
CVE-2018-17190
PUBLISHED: 2018-11-19
In all versions of Apache Spark, its standalone resource manager accepts code to execute on a 'master' host, that then runs that code on 'worker' hosts. The master itself does not, by design, execute user code. A specially-crafted request to the master can, however, cause the master to execute code ...