Endpoint

5/2/2018
10:15 AM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

Breaches Drive Consumer Stress over Cybersecurity

As major data breaches make headlines, consumers are increasingly worried about cyberattacks, password management, and data security.

A few years ago, many people didn't talk about cybersecurity or even pay much attention to it. These days, it's a growing source of stress among consumers, who rely on several devices and businesses to protect their data and regularly read reports about major companies getting breached.

More than 80% of Americans, and 72% of Canadians, admit they've experienced stress due to news of data breaches, according to a new report on consumer levels of "cyber stress" conducted by Opinion Matters and sponsored by Kaspersky Labs. Researchers polled 2,515 Internet users over the age of 16 to gauge the effects of digital security on their stress levels.

It's the first time this study has been conducted; however, it follows a gradual and definitive shift in consumer awareness driven by more-frequent reports of cybercrime. The Identity Theft Resource Center says 1,579 data breaches were reported in 2017, marking a 45% increase from the previous year and the highest number since it started tracking this information.

People are thinking more critically about their data and what they can do to protect it. Three-quarters say protecting their devices from cybercrime has caused them stress.

"When cyberattacks and breaches started becoming a regular occurrence in the news, it seemed to be a wake-up call for many consumers to realize that a cybersecurity issue could personally impact them," says Brian Anderson, vice president at Kaspersky Lab North America.

The turning point, he notes, was the spike in attacks hitting companies people knew and frequented. When large breaches hit Target, Home Depot, and eBay in 2013 and 2014, it made the consequences of poor data security more tangible for consumers affected.

However, the most common sources of stress are not massive one-time breaches, says Anderson. It's the idea that people have to protect their information all the time because these events could happen at any moment. They understand the real-life effects of a data breach, such as identity theft and monetary loss, and have to protect more devices and accounts.

Respondents ages 25 to 34 were most likely to have had a security issue — virus, ransomware, malicious links, or emails — in the last five years. Nearly 60% of this age group reported one of these problems, compared with 46% of respondents overall. Nearly half of those ages 16 to 24 feel stress over password management, compared with one-quarter of participants older than 55.

"These [younger] age groups faced a comparable amount of cybersecurity issues, but because young people are often managing more passwords and more devices than older generations, cybersecurity is causing them a greater amount of stress," Anderson explains.

Consumers who have experienced cyberattacks are more likely to worry about them. Of those who reported an issue, one-third agreed they find it stressful to protect all of their devices.

There is a silver lining to the stress. As people become more aware of the need for security, they're adopting tools like password management software to keep track of their data. Anderson says consumers are becoming more aware of where they share their data, as well as the applications and services that may have more access than is necessary.

Respondents are least willing to share information with social networks (33%), mobile payment services (29%), banking apps (25%), and messaging apps (17%), but they're also hesitant to share with friends and family. Nearly half (49%) would trust a partner with a username and password; the same amount would share answers for security questions.

That said, greater stress doesn't necessarily mean people are taking more precautions. Fourteen percent of Americans and 6% of Canadians admit they have experienced four or more cybersecurity issues in the last five years. While they could blame bad luck, researchers say this level of frequency may also indicate failure to adopt security measures.

Related Content:

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
12 Free, Ready-to-Use Security Tools
Steve Zurier, Freelance Writer,  10/12/2018
Most IT Security Pros Want to Change Jobs
Dark Reading Staff 10/12/2018
6 Security Trends for 2018/2019
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10839
PUBLISHED: 2018-10-16
Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.
CVE-2018-13399
PUBLISHED: 2018-10-16
The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
CVE-2018-18381
PUBLISHED: 2018-10-16
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
CVE-2018-18382
PUBLISHED: 2018-10-16
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.
CVE-2018-18374
PUBLISHED: 2018-10-16
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.