Endpoint

5/2/2018
10:15 AM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

Breaches Drive Consumer Stress over Cybersecurity

As major data breaches make headlines, consumers are increasingly worried about cyberattacks, password management, and data security.

A few years ago, many people didn't talk about cybersecurity or even pay much attention to it. These days, it's a growing source of stress among consumers, who rely on several devices and businesses to protect their data and regularly read reports about major companies getting breached.

More than 80% of Americans, and 72% of Canadians, admit they've experienced stress due to news of data breaches, according to a new report on consumer levels of "cyber stress" conducted by Opinion Matters and sponsored by Kaspersky Labs. Researchers polled 2,515 Internet users over the age of 16 to gauge the effects of digital security on their stress levels.

It's the first time this study has been conducted; however, it follows a gradual and definitive shift in consumer awareness driven by more-frequent reports of cybercrime. The Identity Theft Resource Center says 1,579 data breaches were reported in 2017, marking a 45% increase from the previous year and the highest number since it started tracking this information.

People are thinking more critically about their data and what they can do to protect it. Three-quarters say protecting their devices from cybercrime has caused them stress.

"When cyberattacks and breaches started becoming a regular occurrence in the news, it seemed to be a wake-up call for many consumers to realize that a cybersecurity issue could personally impact them," says Brian Anderson, vice president at Kaspersky Lab North America.

The turning point, he notes, was the spike in attacks hitting companies people knew and frequented. When large breaches hit Target, Home Depot, and eBay in 2013 and 2014, it made the consequences of poor data security more tangible for consumers affected.

However, the most common sources of stress are not massive one-time breaches, says Anderson. It's the idea that people have to protect their information all the time because these events could happen at any moment. They understand the real-life effects of a data breach, such as identity theft and monetary loss, and have to protect more devices and accounts.

Respondents ages 25 to 34 were most likely to have had a security issue — virus, ransomware, malicious links, or emails — in the last five years. Nearly 60% of this age group reported one of these problems, compared with 46% of respondents overall. Nearly half of those ages 16 to 24 feel stress over password management, compared with one-quarter of participants older than 55.

"These [younger] age groups faced a comparable amount of cybersecurity issues, but because young people are often managing more passwords and more devices than older generations, cybersecurity is causing them a greater amount of stress," Anderson explains.

Consumers who have experienced cyberattacks are more likely to worry about them. Of those who reported an issue, one-third agreed they find it stressful to protect all of their devices.

There is a silver lining to the stress. As people become more aware of the need for security, they're adopting tools like password management software to keep track of their data. Anderson says consumers are becoming more aware of where they share their data, as well as the applications and services that may have more access than is necessary.

Respondents are least willing to share information with social networks (33%), mobile payment services (29%), banking apps (25%), and messaging apps (17%), but they're also hesitant to share with friends and family. Nearly half (49%) would trust a partner with a username and password; the same amount would share answers for security questions.

That said, greater stress doesn't necessarily mean people are taking more precautions. Fourteen percent of Americans and 6% of Canadians admit they have experienced four or more cybersecurity issues in the last five years. While they could blame bad luck, researchers say this level of frequency may also indicate failure to adopt security measures.

Related Content:

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
New Cold Boot Attack Gives Hackers the Keys to PCs, Macs
Kelly Sheridan, Staff Editor, Dark Reading,  9/13/2018
Turn the NIST Cybersecurity Framework into Reality: 4 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-1674
PUBLISHED: 2018-09-20
IBM Business Process Manager 8.5 through 8.6 and 18.0.0.0 through 18.0.0.1 are vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 145109.
CVE-2018-1800
PUBLISHED: 2018-09-20
IBM Sterling B2B Integrator Standard Edition 5.2.6.0 and 6.2.6.1 could allow a local user to obtain highly sensitive information during a short time period when installation is occuring. IBM X-Force ID: 149607.
CVE-2018-3864
PUBLISHED: 2018-09-20
An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long &quot...
CVE-2018-3865
PUBLISHED: 2018-09-20
An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long &quot...
CVE-2018-17254
PUBLISHED: 2018-09-20
The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter.