With societies becoming increasingly accustomed to digital interactions, preferences for convenience often outweigh security and privacy concerns, leading to a lax approach to cybersecurity that may give attackers additional information to carry out cyberattacks, a recently-released global survey has found.
The findings from the "IBM Security Consumer Survey" show that bad personal security habits may also carry over to the workplace and can lead to costly security incidents for companies, with compromised user credentials representing one of the top root sources of cyberattacks reported in 2020, according to IBM Security X-Force. The survey was taken among 22,000 individuals in 22 markets.
According to IBM, the effect of the pandemic on consumer security behavior includes:
- More than half (51%) of millennials would rather place an order using a potentially insecure app or website rather than call or go to a physical location in person. As a result, the burden of security will likely fall more heavily on companies providing these services to avoid fraud.
- Respondents created 15 new online accounts during the pandemic on average, equating to billions of new accounts around the world, with 44% saying they do not plan to delete or deactivate the new accounts. These consumers will have an increased digital footprint for years to come, greatly expanding the attack surface for cybercriminals.
- Among those surveyed, this surge in digital accounts led to lax password behaviors, with 82% of respondents admitting to reusing credentials at least some of the time. It means that many of the new accounts likely relied on reused email and password combinations, which may have already been exposed via data breaches over the past decade.
"The pandemic led to a surge in new online accounts, but society's growing preference for digital convenience may come at a cost to security and data privacy," said Charles Henderson, Global Managing Partner and Head of IBM Security X-Force. "Organizations must now consider the effects of this digital dependence on their security risk profile. With passwords becoming less and less reliable, one way that organizations can adapt, beyond multi-factor authentication, is shifting to a zero trust approach – applying advanced AI and analytics throughout the process to spot potential threats, rather than assuming a user is trusted after authentication."
In addition, many individuals have high expectations for ease of access and use as they increasingly embrace digital interactions, with most adults (59%) expecting to spend less than five minutes setting up a new digital account, the survey said.
Although password reuse is a growing problem, around two-thirds of respondents had used multi-factor authentication within the past few weeks of being surveyed.
Amid consumer adoption of a wide variety of digital channels for COVID-19-related services, 63% of respondents said they engaged with pandemic-related services via some form of digital channel such as web, mobile app, email, and text message.
The survey also found that 65% of adults globally say they are familiar with the concept of digital credentials, such as so-called vaccine passports, and 76% would be likely to adopt them if they became commonly acceptable.
According to IBM, the survey (with 1,000 respondents per market) was conducted in Argentina, Australia, Brazil, Canada, Chile, Colombia, France, Germany, India, Italy, Japan, Mexico, Peru, Singapore, South Korea, Spain, UK, US, Middle East, Central & Eastern Europe, Nordics, and BNL (Belgium, Netherlands, and Luxembourg).