Impermium Study Looks at Consumer Attitudes on Internet Security

By Peter Bernstein June 27, 2013

Unfortunately, many if not most of us have been victims of a virus or malware problem. This is not just at work where are talented IT professional can help us, but also at home and when we are out and about. Help can be problematic in those cases, and such problems can render our ability to interact useless. 

One would think that the growing assault by bad actors on our ability to experience all of the benefits of being connected would make us more cautious and proactive about availing ourselves of the protections we need. In an attempt to learn more about American’s limited adoption of two-factor authentication, levels of worry related to account compromise, and preferences for sites to offer less disruptive forms of protection, Internet security firm Impermium had Harris Interactive conduct a study in June. The results are out, and they show that we all need to become better educated and better armed.

Image via Shutterstock

We are leaving ourselves vulnerable

As Impermium notes, the current state of cyber security, “has left U.S. Internet users anxious about hacks and password theft.  Despite constant victimization, the majority are not using two-factor authentication and are left without a widely accepted or deployed method of protection.”

Key findings from the survey, conducted June 7-11, 2013, among 2,046 adults ages 18 and older, are insightful and somewhat disturbing.  

When asked about the overall concern related to account compromise:

  • 79 percent indicated at least some level of worry around e-mail account compromise
  • 55 percent around social media compromise
  • 71 percent around bank account compromise

Surprisingly, consumers remain reluctant to adopt two-factor authentication, with 16 percent of Americans saying they have not signed in with this process in the past because it was inconvenient. 

The granularity of the survey is also real food for thought. It found that while a majority of Americans have never signed into a website using two-factor authentication (75 percent), 77 percent of those who have not yet been a victim of account compromise are at least somewhat unlikely to continue using a site if their account were compromised. Additionally, while 65 percent of Americans have been victims of viruses, malware, and/or phishing attacks, only 25 percent have ever signed in with two-factor authentication as a preventive security measure.

Other key findings

And there was more. 

  • 75 percent of Americans have not used two-factor authentication in the past
    • 27 percent decided against signing onto a website with two-factor authentication because they did not want to disclose their mobile number and/or because they found it inconvenient
    • 30 percent say that they have never needed to do this
    • 20 percent did not want to disclose their mobile phone number
  • Respondents were split in terms of determining who is primarily to blame for account compromises
    • 39 percent believe websites are to blame by not offering or maintaining sufficient security features
    • 37 percent believe the consumer is to blame due to weak passwords or falling for scams like phishing
  • When asked which types of accounts they are most worried about getting hacked, Impermium learned e-mail account compromise results in the most anxiety
    • 79 percent are at least somewhat worried about having their e-mail account compromised
    • 71 percent are at least somewhat worried about having their online bank accounts compromised
    • 55 percent of consumers are at least somewhat worried about having their social media accounts compromised
  • When asked how worried they are about cloud data compromise, 43 percent of Americans responded they are at least somewhat worried
  • A majority of consumers have been a victim of a listed online threat:
    • 56 percent of consumers have been a victim of a virus or malware infection on a computer
    • 37 percent have been a victim of a phishing attack
    • 26 percent have been a victim of account compromise (e.g., hacked, broken into, password theft)
    • 20 percent have been a victim of a social media phishing attack
    • 5 percent had a phone lost or stole that resulted in unwanted access to sensitive information

In commenting on the survey, Mark Risher, CEO of Impermium, explained, “Despite heightened awareness of cyber threats and a clear demand for account protection, Americans are still hesitant to adopt new prevention techniques…Two-factor authentication has been held aloft as a ‘silver bullet,’ but a security system that isn’t turned on provides no security. Only with intelligent, risk-based authentication mechanisms can service providers effectively protect users from account hijacking. Consumers and websites need an intelligent solution that is secure yet simple.”

While obviously a pitch for two-factor identification the survey does speak to a broader issue in general about how seemingly unknowledgeable all of us are about the risks we are exposed to and our apparent belief that bad things will happen to somebody else and not us, despite our refusal to obtain protection or use it when it is offered as has been done recently by Twitter, Gmail and Dropbox.  

Reality is that two-factor identification is not a complete “silver bullet” for preventing the bad guys from compromising our accounts and engaging in other malicious activities, but it certainly can mitigate a substantial amount of risk and if you are not using it you should be. You should also be using and keeping updated your anti-virus protection including for your mobile devices, and as point out in a posting I did recently about Juniper Networks Mobile Threat Report, if you are an Android user you need to make sure you are running the very latest version of their OS. 

To quote what was always the last line of the opening police bullpen briefing that started each episode of the popular 1980s TV show Hill Street Blues, “Let’s be careful out there!”

Edited by Alisen Downey
Related Articles

6 Challenges of 5G, and the 9 Pillars of Assurance Strategy

By: Special Guest    9/17/2018

To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…

Read More

Putting the Flow into Workflow, Paessler and Briefery Help Businesses Operate Better

By: Cynthia S. Artin    9/14/2018

The digital transformation of business is generating a lot of value, through more automation, more intelligence, and ultimately more efficiency.

Read More

From Mainframe to Open Frameworks, Linux Foundation Fuels Up with Rocket Software

By: Special Guest    9/6/2018

Last week, at the Open Source Summit, hosted by The Linux Foundation, the Open Mainframe Project gave birth to Zowe, introduced a new open source soft…

Read More

Unified Office Takes a Trip to the Dentist Office

By: Cynthia S. Artin    9/6/2018

Not many of us love going to see the dentist, and one company working across unified voice, productivity and even IoT systems is out to make the exper…

Read More

AIOps Outfit Moogsoft Launches Observe

By: Paula Bernier    8/30/2018

Moogsoft Observe advances the capabilities of AIOps to help IT teams better manage their services and applications in the face of a massive proliferat…

Read More