Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

ABTV

5/13/2019
10:30 AM
Larry Loeb
Larry Loeb
Larry Loeb
50%
50%

Study Digs the Dirt on US Cyber Hygiene

Generally it's not good, but there are a few clean-livin' types out there.

Wakefield Research has published its Webroot-sponsored report, The Cyber Hygiene Risk Index, in which they make evaluations about Americans and their habits.

Wakefield fielded an online survey to 10,000 US consumers (ages 18+) with 200 interviews in each of the 50 US states. It was conducted between February 11 and February 25, 2019, using an email invitation and an online survey instrument. The stated margin of error is +/-0.98 percentage points for the total audience of this study and +/-6.9 percentage points for each state at the 95% confidence level.

The researchers came up with ten survey metrics to assess risk factors, which all follow a pass/fail (yes/no) format:

      1.Do they backup their data?

 

      2.Have they lost a device without recovering it or given away a device?

 

      3.Have they had their ID stolen?

 

      4.Have they been impacted by malware?

 

      5.Have they been a victim of phishing?

 

      6.Do they use AV software?

 

      7.Do they share passwords with others?

 

      8.Do they reuse passwords?

 

      9.Do they keep their social media public?

 

    10.Do they practice good online behavior?

They found that residents of Mississippi, Louisiana, California, Alaska and Connecticut were likely to have the lowest compliance scores on this test.

The states with the best scores (New Hampshire, North Dakota, Ohio, Idaho, and Kentucky) were not all that different from the worst scorers in many parameters.

In fact, the highest scoring state of New Hampshire, only got a D and a 65% overall score on it.

Cyber hygiene faults that seemed to get a lot of people nicked included reusing passwords for multiple accounts (63% of Americans), failing to use the "private" setting on social media (64%), and falling for phishing attempts (53%).

The study looked at user beliefs as well. Roughly nine in ten (88%) Americans agree that they're taking the appropriate steps to protect themselves from cyber-related attacks, including half (49%) who agree strongly or agree 100%.

The researchers think that Americans have only a surface-level understanding of the most common types of cyber threats. Respondents could recognize some of the names of the most common cyber attacks such as malware (79%) or phishing (70%), but for most, that was where their knowledge ends. Less than one in three actually knew what these common cyber attacks are or what they do.

Yet the report found superstars in the wilderness. About 5% of respondents were exceptional, compared to the norm.

They share some characteristics. They are more likely to be Boomers, married or in a relationship, more likely to live in the suburbs and less likely to be parents.

They all regularly backup data in multiple ways, keep their reliable AV software up to date, use VPN, ID protection & password management services.

The report has no information on how often they change their toothbrushes.

These folk are spread across 100% of US states and the highest Cyber Hygiene Risk Index performers.

— Larry Loeb has written for many of the last century's major "dead tree" computer magazines, having been, among other things, a consulting editor for BYTE magazine and senior editor for the launch of WebWeek.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-12777
PUBLISHED: 2020-08-10
A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information.
CVE-2020-12778
PUBLISHED: 2020-08-10
Combodo iTop does not validate inputted parameters, attackers can inject malicious commands and launch XSS attack.
CVE-2020-12779
PUBLISHED: 2020-08-10
Combodo iTop contains a stored Cross-site Scripting vulnerability, which can be attacked by uploading file with malicious script.
CVE-2020-12780
PUBLISHED: 2020-08-10
A security misconfiguration exists in Combodo iTop, which can expose sensitive information.
CVE-2020-12781
PUBLISHED: 2020-08-10
Combodo iTop contains a cross-site request forgery (CSRF) vulnerability, attackers can execute specific commands via malicious site request forgery.