US Consumers Are Finally Becoming More Security & Privacy Conscious

  /     /     /  
Publicated : 23/11/2024   Category : security


US Consumers Are Finally Becoming More Security & Privacy Conscious


The trend, spotted by Consumer Reports, could mean good news for organizations struggling to contain remote work challenges.



A survey on US consumer attitudes toward online privacy and security holds some potentially good news for enterprise organizations in an era of work-from-home and hybrid work models.
The survey of 2,103 US adults, conducted by Consumer Reports (CR), showed substantial improvement in consumer cybersecurity and privacy practices over the past three years. Many more individuals appear aware of the security and privacy risks associated with their digital footprint, and have modified their behavior significantly to try and protect it better.
Some of the changes — such as a surge in the use of multifactor authentication (MFA) — appear tied to the fact that more and more organizations require it for accessing online accounts and services. That said, a lot of the behavioral changes are likely also being driven by a higher awareness of cyber-risks, several security experts say.
The harsh reality is that the explosive growth in ransomware attacks and data breaches has raised awareness of cybersecurity to a level we’ve never seen before, says Darren Guccione, CEO and co-founder at Keeper Security. When people are unable to get fuel
at the gas pump
or their bank data is leaked on the Dark Web, they immediately understand the tangible impact cyberattacks can have on their personal lives.
The trend has upside for enterprise organizations that are
struggling to contain security challenges
tied to the use of insecure home networks and devices by their work-from-home and remote employees. It could mean less of an uphill battle for them, says Brian Dunagan, vice president of engineering at Retrospect, a StorCentric company.
It suggests that people are taking communications regarding security directives seriously and are taking the time to read, learn, and ask questions if necessary — which is a notable shift. 
Now is the time for security leaders to make the case for increased security budgets, whether it is added personnel or added security technology solutions, Dunagan says.
When it comes to better
consumer adoption of certain security practices
, 88% of survey respondents, for instance, said they use what CR describes as strong passwords — eight characters or more, with upper and lowercase letters, numbers, and symbols — to protect access to their Wi-Fi networks. Thats up from 74% in the last survey. Similarly, 85%, up from 69%, have implemented measures such as requiring a password, PIN, TouchID, or FaceID to unlock their smartphone.
The survey revealed a greater understanding among US consumers of the potential privacy and security implications of allowing mobile applications the unfettered ability to track their location and movements. Eighty-one percent of consumers now only allow an app to access their location when they are using the application. Eighty percent claimed they did not install applications that they perceived as collecting too much information about them, and 78% block apps from having access to the camera, location, or contacts if they think the app does not require that access.
The numbers in each instance were significantly higher compared with the 2019 survey. For example, just 60% blocked app access to their cameras and contacts three years ago, and 65% ensured a mobile app had access to their location only when the app was in use.
One of the most significant changes was in the use of multifactor authentication: 77% of survey respondents said they now use MFA, up from 50% in 2019. Security experts consider MFA to be a fundamental security best practice for protecting online accounts against takeover and compromise.
Many products and companies have started to encourage consumers to enable better cyber hygiene, says Amira Dhalla, director of impact partnerships and programs at Consumer Reports.

Its common that when you log in to your bank or email account, they encourage or mandate [that] you have to use multifactor authentication.
Dhalla says that CRs survey showed that consumers overall feel more in control of their personal data because of the steps they are taking to control and secure it. 
“As more security and privacy tools have become available and marketed to everyday consumers, they feel they have more at their disposal to combat the security of their data, she notes. [They] are placing more responsibility on themselves to protect themselves.”
At the same time, they are less secure with how companies are handling and storing their data. At least 75% of the respondents in the CR survey expressed concern about the privacy of personal data that companies collected online. We know consumers are holding themselves more accountable. They just need knowledge and tools to be able to protect themselves more.
Roger Grimes, data-driven defense evangelist at KnowBe4, perceives the improved consumer habits as the result of a trickle-down effect. Whats largely driving the change is businesses are now taking cybersecurity threats more seriously, which trickles down to consumers because they work for those businesses and are impacted as customers, he says. If your employer is training you to be more cybersecurity aware on the job, those are also skills you can apply at home and teach to your family.
Grimes says while the trends in the CR survey are encouraging, its also important to view them in the right perspective. He points to the surveys definition of what constitutes a strong password as one example. Eight-character passwords, even with complexity, are no longer considered secure, he says. For someones password to be truly secure it must be 12 characters or longer and fully random or 20 characters or longer if made up out of someones head.
Similarly, using MFA alone is not sufficient, if it is
not also phishing resistant
, he says. Unfortunately, 90% to 95% of MFA is easily phish-able [and] no harder to steal or bypass than a password. Telling people to use any MFA is bad advice.

Last News

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
US Consumers Are Finally Becoming More Security & Privacy Conscious