A third of people fall victim to cyberattacks despite training
A new study of 3,000 individuals across the US, UK and Canada finds that although 58 percent of tech users that had access to cybersecurity training or education say they are better at recognizing phishing messages and related attacks, 34 percent still fell victim to at least one type of cybercrime.
The research from The National Cybersecurity Alliance and CybSafe shows that of more than 1,700 incidents of cybercrime that were disclosed by participants, 36 percent were phishing attacks that led to a loss of money or data, while 24 percent report falling victim to identity theft.
"Cybersecurity is no longer a field that can simply be delegated," says Lisa Plaggemier, executive director of the National Cybersecurity Alliance. "In a world where individuals, businesses and organizations of all types are increasingly relying on digital devices to conduct everyday activities, everyone has a role to play in safeguarding data and information. That is why it is so important to consistently evaluate where individuals stand on all issues involved in the cybersecurity landscape so that we can work together and build a stronger cybersecurity community that can stand up to bad actors."
While 45 percent of respondents state they are 'always connected to the internet', 62 percent of users lack access to cybersecurity knowledge altogether and one-third say they rely on the help of friends and family.
Participants in the US are consistently more likely to have been victims of cybercrime. There are generational differences too, 20 percent of millennials and 18 percent of generation Z had their identity stolen at least once. In comparison, 27 percent of millennials and 34 percent of gen Z had lost money/data due to harmful cyber activity such as phishing. This differs significantly from baby boomers, where 92 percent report never having their identity stolen, and 88 percent had never lost money/data due to cyberattacks.
It seems cybercrimes aren't being reported either, 26 percent of identity theft victims and 31 percent of phishing victims didn’t report their incidents directly to service providers or law enforcement. The reporting numbers around romance scams and cyberbullying are even worse, with 45 percent of romance scam victims and 48 percent of cyberbullying victims saying they didn’t report incidents when they occurred.
Although 78 percent consider staying secure online to be a priority and 66 percent think it is achievable, 46 percent of those polled say they feel frustrated while staying secure online, and 39 percent of users trying to keep safe felt information on how to stay secure online is confusing.
Bad habits persist too, 36 percent of individuals don't always create unique passwords, while only 18 percent have downloaded a password manager. 43 percent of respondents say they had never heard of MFA, and 37 percent don't have automatic software updates enabled. Also only 43 percent of individuals say they back up their data either 'always' or 'very often'.
"We are nearing a point where everyone will be connected to the internet all the time, and unfortunately, that means everyone has the potential to be vulnerable to basic cyberattacks," adds Plaggemier. "Businesses, organizations, schools and even friends and family need to make the adoption of security behaviors a priority. Increasing adoption and eliminating setbacks during the overall process of remaining safe and secure needs to be an all hands on deck approach."
The full report is available from the Cybsafe site.