US consumers are finally becoming more security and privacy conscious | Techno Glob

A survey of US consumer attitudes toward online privacy and security has some potentially good news for enterprise organizations in an era of work-from-home and hybrid work models.

A survey of 2,103 US adults conducted by Consumer Reports (CR) found significant improvements in consumer cybersecurity and privacy practices over the past three years. Many more individuals are becoming aware of the security and privacy risks associated with their digital footprint and have sought to better protect their behavior.

Some of the changes — such as an increase in the use of multifactor authentication (MFA) — appear to be linked to the fact that more organizations are requiring it to access online accounts and services. That said, many of the behavioral changes can also be driven by heightened awareness of cyber-risks, say many security experts.

“The harsh reality is that the explosive growth in ransomware attacks and data breaches has increased cybersecurity awareness to a level we’ve never seen before,” says Darren Guccione, CEO and co-founder of Keeper Security. “When people can’t get fuel at the gas pump or their bank data is leaked on the dark web, they immediately understand the impact cyberattacks can have on their personal lives.”

This trend is on the rise for enterprise organizations that are struggling to contain the security challenges associated with the use of unsecured home networks and devices by their home and remote employees. That could mean less of an uphill battle for them, says Brian Dunagan, vice president of engineering at Retrospect, a storecentric company.

This indicates that people are taking communications about safety instructions seriously and are taking the time to read, learn and ask questions if necessary – which is a significant change.

“Now is the time for security leaders to make the case for an increased security budget, whether it’s adding personnel or adding security technology solutions,” says Dunagan.

Significant security improvements for customers

When it comes to consumer adoption of certain security practices, 88% of survey respondents, for example, said they describe CR as strong passwords — eight characters or more, upper and lowercase letters, numbers and symbols — to protect their access. on a Wi-Fi network. That’s up from 74% in the last survey. Similarly, 85%, up from 69%, have implemented measures such as passwords, PINs, TouchID or FaceID to unlock their smartphones.

The survey revealed a greater understanding among US consumers of the potential privacy and security implications of giving mobile applications the seamless ability to track their location and movements. Eighty percent of consumers now only allow an app to access their location while using an app. Eighty percent claimed they did not install apps that were collecting too much information about them, and 78% blocked apps from accessing their camera, location, or contacts if they didn’t think the app needed that access.

The numbers in each instance were significantly higher than in the 2019 survey. For example, three years ago only 60% blocked app access to their cameras and contacts, and 65% made sure mobile apps had access to their location only when the app was in use.

One of the most notable changes was the use of multifactor authentication: 77% of survey respondents said they now use MFA, up from 50% in 2019. Security experts consider MFA a basic security best practice for protecting online accounts from takeovers. Compromise

“Many products and companies are beginning to encourage consumers to enable good cyber hygiene,” says Amira Dhalla, director of impact partnerships and programs at Consumer Reports.It’s common for them to offer incentives or commands when you log into your bank or email account [that] You must use multifactor authentication.”

Consumers are more in control, but work must be done

Dhalla says CR’s survey shows that consumers feel more in control overall because of the steps they take to control and secure their personal data.

“As more security and privacy tools become available and marketed to everyday consumers, they feel they have more to deal with protecting their data,” she notes.[They] putting more responsibility on themselves to protect themselves.”

At the same time, they are less secure about how companies handle and store their data. At least 75% of CR survey respondents expressed concern about the privacy of personal data collected by companies online. “We know consumers are holding themselves more accountable. They just need the knowledge and tools to better protect themselves.”

Roger Grimes, data-driven conservation campaigner at KnowBe4, sees improved consumer habits as a result of the trickle-down effect. “What’s driving the change is that businesses are now taking cybersecurity threats more seriously, which reduces consumers because they work for those businesses and are affected as consumers,” he says. “If your employer is training you to be more cybersecurity aware on the job, those are also skills you can apply at home and teach your family.”

Grimes says that while the trends in the CR survey are encouraging, it’s also important to put them in perspective. He points to the survey’s definition of what constitutes a strong password as an example. “Eight-character passwords, even those of great complexity, are no longer considered secure,” he says. “For one’s password to be truly secure it must be 12 characters or longer and completely random, or 20 characters or more if made up of one’s head.”

Likewise, simply using MFA isn’t enough if it’s also not phishing-resistant, he says. “Unfortunately, 90% to 95% of MFA is easily phish-able [and] It’s no harder to steal or bypass than a password. Telling people to use any MFA is bad advice.”

Source link