Consumers Are Worried About Identity TheftBy Samuel Greengard | Posted 2013-06-10 Email Print
Research reveals public concern about data breaches, but no consensus on legislation that would require companies to disclose breaches to the government.
By Samuel Greengard
It's difficult to go a day without learning of yet another data breach or cyber-security failure. These days, businesses, educational institutions and government agencies are all prime targets, and intrusions and theft are on the rise.
A new report from Unisys indicates that while there's recognition of this problem, there's also a growing sense of acceptance and a lack of clarity about whether the government should be involved.
The survey, which recorded the opinions of 1,006 Americans about a variety of security issues, found that consumers are most worried about data breaches affecting their banks and financial institutions, with 67 percent reporting concern. A majority of Americans surveyed also reported concern about data breaches involving government agencies (62 percent), health organizations (60 percent), and telecommunications and Internet service providers (59 percent).
In addition, 83 percent of the respondents expressed a high level of concern about identity theft, and 82 percent are worried about credit card theft. Of course, both of these problems sometimes arise from lax or inadequate security practices at large organizations, including retailers and financial services firms.
Nevertheless, the study found that Americans are less concerned about cyber-security than at any time in the recent past. Unisys recorded an 8.4 percent decline in its Security Index since 2012: from 131 to the current 120. This is the lowest level recorded since the firm began conducting the research in 2007.
Remarkably, this drop follows a slew of security and espionage incidents, including ongoing distributed denial of service attacks against American financial institutions and alleged hacking originating from China and Iran.
Steve Vinsik, vice president of enterprise security for Unisys, believes that greater familiarity with the online world—including making transactions—may be influencing perceptions. In many cases, consumers understand how transactions and security procedures work at companies (including the use of passwords), and since they haven't been personally affected by a breach or had their identity stolen, they're comfortable working with familiar vendors online.
The study also examined government's role in cyber-security. It found that Americans are unsure whether federal legislation to strengthen cyber-security defenses should require organizations—including banks, utilities, health care organizations, retailers and others—to disclose breaches to the government.
Nearly half of the respondents (48 percent) believe that a private business shouldn't be forced to disclose its cyber-attack intelligence and plans. Yet, nearly the same number (46 percent) said that Congress should pass cyber-security legislation requiring the private sector to share information with the government.
"Americans clearly see a need for stronger methods to prevent cyber-attacks, and many see a natural role for government in that process, but they differ on precisely how government and the private sector should interact in that regard," Vinsik noted. "Regardless of where the legislation ends up, businesses and government agencies need to realize that the costs of breaches far outweigh those of prevention—and that Americans are paying close attention."