Risk
4/18/2013
12:51 PM
50%
50%

Online Privacy Worries Increasing Worldwide

Economist Intelligence Unit study shows that consumers worldwide are increasingly concerned about online data security.

Many private citizens are increasingly worried that businesses and regulators are not doing enough to protect the safety of their data online.

Only 26% of those surveyed feel that businesses are sufficiently transparent in how they use personal data, while a definite majority -- 75% -- describe regulation preventing misuse of such information as "weak," according to a new global study by London-based Intelligence Unit of The Economist magazine.

While 34% of respondents told researchers they are more willing to share basic personal information online now than they were three years ago, a full 90% report they are concerned that such information might be hacked and used to steal their money.

Meanwhile, 66% of respondents report that they sometimes reject products or services because of concerns about the security of their personal data. Moreover, very few consumers are confident their data is safe in the hands of social networks and online retailers.

[ Where do you draw the line when it comes to privacy at work? Read Monitoring Vs. Spying: Are Employers Going Too Far? ]

The study's findings have significant implications for how businesses collect and use consumer data, according to its authors. Editorial director Denis McCauley said, "Companies that earn the right to use consumer data, and do so fairly, could gain a significant competitive edge in the long-term. Building consumer relationships based on trust will help companies gain access to more personal data, and help them to outperform competitors."

The study also draws out some intriguing differences between users in the U.S. and Europe on personal data privacy concerns. For example, while users in both geographies have "similar levels of unease," U.S. users are more reluctant to share information, with 38% saying they're less likely to share personal data now than they were three years ago, compared to just 20% of Europeans. Accordingly, Europeans are more frequent online shoppers, with 22% shopping online at least once a week compared to just 5% of U.S. respondents.

Conducted in January and February 2013, the study surveyed 758 adult Internet users, the vast majority of whom use the Internet daily. Of this sample, 32% were based in Western Europe, 30% in the Asia-Pacific region, 20% in North America and the remainder from Latin America, the Middle East, Africa and Eastern Europe. The group also conducted a number of in-depth interviews with experts and leaders from business, government and NGOs.

The research was commissioned by data breach solutions vendor Beazley.

Easily overlooked vulnerabilities could put your data and business at risk. Also in the new, all-digital 10 Web Threats special issue of Dark Reading: How hackers compromised an iOS developers' website to exploit Java plug-in vulnerabilities and attack Apple, Facebook, Microsoft and Twitter. (Free with registration.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Ulf Mattsson
50%
50%
Ulf Mattsson,
User Rank: Apprentice
4/19/2013 | 6:11:58 PM
re: Online Privacy Worries Increasing Worldwide
I agree about the "intriguing differences between users in the U.S. and Europe on personal data privacy concerns. For example, while users in both geographies have "similar levels of unease," U.S. users are more reluctant to share information, with 38% saying they're less likely to share personal data now than they were three years ago".

IBM reported last month in "2012 Trend and Risk Report" that the United States had 46 % of the breaches compared to 8 % in the United Kingdom.

I think that Big Data will add to this picture since it will change the way we are dealing with data. Collecting and processing a huge amount of data is now more feasible and cost effective with Big Data technology.

Many companies are now collecting data files into Big Data environments without fully understand what specific and potentially sensitive information that is hidden in those files. In many cases they do not have the resources to analyze the data content before storing these huge volumes of data.

Many organizations have rushed into Big Data focused solely on ROI, and security is an afterthought. There is also a shortage in Big Data skills and an industry-wide shortage in data security personnel, so many organizations donG«÷t even know they are doing anything wrong from a security perspective.

I think that a crisis is likely to occur very soon:

1. A Big Data security crisis is likely to occur very soon. Few organizations have the ability to deal with it.

2. We have little knowledge about data loss or theft in big data environments.

3. I imagine it is happening today but has not been disclosed to the public.

The good news is that some organizations are proactive and successfully using new approaches to address issues with security and privacy in Big Data environments.

The CEO must understand this risk and the CISO must understand the issues with privacy and security that is associated with this new technology.

Ulf Mattsson, CTO Protegrity
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2010-5075
Published: 2014-12-27
Integer overflow in aswFW.sys 5.0.594.0 in Avast! Internet Security 5.0 Korean Trial allows local users to cause a denial of service (memory corruption and panic) via a crafted IOCTL_ASWFW_COMM_PIDINFO_RESULTS DeviceIoControl request to \\.\aswFW.

CVE-2011-4720
Published: 2014-12-27
Hillstone HS TFTP Server 1.3.2 allows remote attackers to cause a denial of service (daemon crash) via a long filename in a (1) RRQ or (2) WRQ operation.

CVE-2011-4722
Published: 2014-12-27
Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation.

CVE-2012-1203
Published: 2014-12-27
Cross-site request forgery (CSRF) vulnerability in starnet/index.php in SyndeoCMS 3.0 and earlier allows remote attackers to hijack the authentication of administrators for requests that add user accounts via a save_user action.

CVE-2012-1302
Published: 2014-12-27
Multiple cross-site scripting (XSS) vulnerabilities in amMap 2.6.3 allow remote attackers to inject arbitrary web script or HTML via the (1) data_file or (2) settings_file parameter to ammap.swf, or (3) the data_file parameter to amtimeline.swf.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.