Survey Shows Gap Between Americans' Online Security Perceptions and Cyber Security Best Practices

• Nov 16, 2011

Approximately 92 percent of Americans believe that a safe and secure Internet is crucial to our nation's economic security and 81 percent of Americans want to learn more about being safe and secure online, but there still exists a visible disconnect between Americans' perceptions of their online safety practices versus the reality of their actual safety practices. These insights were revealed in the 2011 National Cyber Security Alliance (NCSA)-McAfee Online Safety Study, recently released by the NCSA and McAfee.

While the study found progress in a number of areas regarding online safety awareness, perception versus reality gaps continue to exist in critical areas:

• 70 percent of Americans say that they represent their child/children¹s primary source of information for online safety, yet 48% of parents are not completely confident that their children can use the Internet safely.
• 32 percent of consumers either back up only once a year<or never (20 percent).
• 15 percent of Americans have never checked their social networking privacy and security account settings.
• According to the survey, only seven percent of U.S. parents are worried about cyberbullying even though 33 percent of teenagers have been victims of cyberbullying, according to the Pew Internet and American Life Survey.

"This new study shows that vast majorities of Americans believe that cyber security is important for our personal safety and our nation¹s economic security," said NCSA Executive Director Michael Kaiser. "Yet this survey also shows that we can do a better job of protecting ourselves and those around us and really focus on the notion that a safe and secure Internet and digital experience represents a shared responsibility."

"As our digital usage grows exponentially each year with a multitude of different devices connected to the Internet, cyber threats have grown more sophisticated and widespread than ever before," said Todd Gebhart, co-president, McAfee. "This new survey demonstrates the fundamental importance of better online safety and security awareness for ourselves, our communities, our schools and our businesses.  Consumers need to think beyond just PCs, and also protect their web experiences, their data, and very importantly, their children on all the devices they use."

Key Findings:

Security Perceptions

• Less than half of the population (46 percent) reports that they feel safe from viruses, malware and hackers while on the Internet.
• When it comes to the issue most Americans are concerned about regarding online safety and security, 43 percent of respondents reported they were most worried about identity theft; 13 percent were concerned with loss of privacy; and 12 percent reported their biggest concern was someone monitoring or recording their online activity.
• When asked how people would like to learn about staying safe online, 37 percent of Americans are willing to receive regular information from an organization about safety best practices; 15 percent are willing to educate others; 13 percent would attend an in-person education session; 20 percent are not willing to do any of these and 15 percent are not sure.

Crime and Law Enforcement

•  When asked what puts Americans most at risk of a cybercrime or a loss of personal information the largest number of respondents, one-third (33 percent) said they believe connecting to an unsecured wireless network puts them most at risk yet more than half (53 percent) of Americans said they have logged onto a wireless network without entering a security password.
• One in five (18 percent) Americans have been the victim of a cybercrime and 38 percent know someone who has been victimized, and 65 percent of all respondents do not think their local police department is equipped to handle reports and investigate Internet crimes.
• Of the 17 percent who were victims of cybercrime but did not report them, 34 percent were either unsure what exactly happened or were not sure who to report it to.
• More than half (53 percent) of Americans indicated they have received fake anti-virus warnings but 87 percent said they did not believe the warning was legitimate. From 2008 to 2010, fake anti-virus scams have grown by 600 percent and are estimated to victimize one million Internet users per day, according to McAfee research.

Safe Computing Practices

• 54 percent of Americans don¹t back up their data regularly; with 21 percent backing up just monthly; 12 percent backing up only once a year and 20 percent of consumers never backing up.
• 21 percent say they don¹t think it¹s necessary to change passwords regularly account even though experts believe this is a basic online safety practice.  More than a million password-stealing malware samples were discovered from January 2011 ­ June 2011, according to McAfee Labs.
• 25 percent say they never change their passwords unless prompted.

Social Networks

• 26 percent say they are sharing more information on social networks today than one year ago.
• Nearly half (47 percent) of Americans are confident in their ability to use privacy and security account settings in their social networks, but another 47 percent are only somewhat confident with 24 percent saying they are not confident at all.
• 15 percent of respondents have never checked their social networking privacy and security account settings and only 18 percent said they the last time they checked their settings was in the last year.
• Meanwhile, one out of ten (11 percent) Americans reported that their social network has been hacked in the last year, while 81 percent did not.

Children and Online Safety

• 70 percent of Americans say that they represent their child/children¹s primary source of information for online safety, yet 48 percent of parents are not completely confident that their children can use the Internet safely.
• According to the survey, parents worry most about contact with strangers (38 percent) online, seven percent worried about bullying and harassment and nine percent were worried about identity theft even though 140,000 minors are the victims of ID fraud each year according to ID Analytics.
• The concern that ranked second according to parents was exposure to adult content yet 44 percent of parents admit they have not discussed Internet pornography with their children and 44 percent don¹t have content-filtering software on their computers.
• 48 percent of the parents surveyed say they know their child/children have seen pornography online and of the parents who aren¹t sure if their kids have seen adult content, 68 percent think it unlikely that they have.
• Of those parents who don¹t have content-filtering software, 34 percent say they trust their kids.

Workplace Cyber Security Practices

• The survey also polled a sub-sample of Americans cyber security practices and attitudes in their workplace.  The survey found that a majority say their employer has a formal work Internet usage policy (59 percent) while 26 percent do not.
• But respondents are split as to whether or not they have had training on keeping their work computers safe and secure (43 percent to 43 percent).
• Seven in ten (69 percent) say that a safe and secure Internet is dependent to their job, 45 percent of which say it is very dependent. Six in ten (61 percent) say that losing Internet access at their job for 48 consecutive hours during a regular business week would be disruptive, 43 percent say it would be extremely disruptive.
• A 2011 NCSA/Symantec study of small businesses finds that two thirds (66 percenet) say that their business is dependent on the Internet for its day-to-day operations, two fifths of which (38 percent) would characterize it as very dependent.  Two thirds (67%) of small business owners describe their businesses as more dependent on the Internet than it was 12 months ago.

Age Disparities

• Respondents ages 18-54 feel that individual users are most responsible for keeping the Internet safe and secure, whereas users 55 and older believe that it is the Internet service provider who is most responsible.
• As the age of the user increases, so does their concern over identity theft, with 40 percent of 18-29 year olds, 39 percent of 30-49 year olds, 47 percent of 50-64 year olds, and 50 percent of those 65+ citing this as their largest concern.
• As respondents¹ age increases, a smaller percentage feels safe using smartphones with 23 percent of 18-29 year olds, 11 percent of 30-49 year olds, and 2.5 percent of 50-64 year olds feeling safe accessing the Internet using their smartphones.

Gender Attitudes Towards Cyber Security

• If a computer were infected by a virus or malware, and the user was provided step-by-step instructions to fix it, only 31 percent of females feel very confident in fixing the computer on their own versus 53% of males who feel very confident about pursuing this task.
• Nearly one in every five males (or 19 percent) backup their data and digital information on a daily basis while a less amount of females ­ only 12 percent -- do so each day.
• Thirty-eight percent of females have undergone training to keep their computer safe and secure at work, while 48 percent of males received training about safe and secure cyber security practices in the workplace.

For the study, NCSA and McAfee commissioned Zogby International to analyze the cyber security behaviors and perceptions of Americans.  The study surveyed 2,337 adults nationwide from 9/23/11 to 9/28/11. Slight weights were added to region, age, race, gender, and education to more accurately reflect the population. The margin of error is +/- 2.1 percentage points. Margins of error are higher in sub-groups.  The MOE calculation is for sampling error only.