Study Reveals Americans Remain at Risk from “Cyber Confusion” Both at Home and in the Workplace

Woburn, MA and San Francisco, CA - 13 February 2017

Survey reveals that only 36 percent of Americans would be a customer of their own employer knowing what they know about their company’s cybersecurity practices

Kaspersky Lab and HackerOne, the leading bug bounty platform, today announced results of the Hacking America: Cybersecurity Perception study, which revealed that American businesses and consumers still need a more comprehensive understanding of cyberthreats and how to protect personal and sensitive business data online.

To better understand how Americans think about hacker motivations, consumer versus business security responsibilities, ransomware and the political climates impact on the threat landscape, Kaspersky Lab and HackerOne surveyed over 5,000 U.S. consumers at least 16 years old.

State of Cybersecurity and Politics in the U.S.

The research shows that Americans remain divided regarding what impact the new president will have on the nation’s cybersecurity protection.

  • Nearly half of U.S. adults surveyed (44%) believe that North America will be more vulnerable to cyber-espionage or nation-sponsored cyberattacks with Donald Trump as president of the United States.
  • Of the U.S. millennials surveyed more than half thought that North America would be more vulnerable to cyber espionage or nation-sponsored cyberattacks with Donald Trump as president (56%).

Cyber Security Practices Affect Consumers Purchasing Decisions

The results revealed that consumers are beginning to make purchasing decisions based on the cyber security practices of businesses; and younger generations, who are considered digital natives, see value in companies hiring hackers to help protect consumer data.

  • More than one in five (22%) U.S. adults are more likely to make a purchase if they know a company hired hackers to help boost security.
  • Only 36 percent of U.S. adults said that they would choose to be a customer of their own employer knowing what they know about their company’s cybersecurity practices.
  • 29 percent of Americans, 35-44 years old claim they are more likely to make a purchase if a company works with hackers for data protection, while Americans 55 years or older claim that it would not impact their purchasing decision (55%).

Responsibility of Cyber Security Falls on Businesses for Some, but Not All

The survey found that the majority of Americans are looking to others to take responsibility for their security; however, the younger generations believe that they should take ownership for protecting their own data when making purchases online.

  • 73 percent of U.S. adults believe retailers should be responsible for protecting consumer data, followed by credit payment companies at 64 percent.
  • More than half (63%) of adults ranging in ages 25 to 43 years old admit they should take responsibility for protecting their own data when purchasing online, while 74 percent of adults over 55 years old and older say retailers should be responsible for the protection of data when purchasing online.

Consumer Don’t Expect Companies to Give-in to Ransomware Demands

Ransomware attacks on businesses are on the rise – from an attack every two minutes in January 2016, to every 40 seconds by October 2016, according to a Kaspersky Lab report, however, fewer Americans believe companies should pay a ransom to get data back.

  • Nearly two in five U.S. adults do not expect companies to pay a ransom if they were hacked.
  • When asked what types of data they would expect a business to pay a ransom for in an attempt to get the information back, 43 percent expect companies to pay for employee social security numbers, followed by customer banking details (40%) and employee banking details (39%).
  • Women are more likely than men to expect a company to pay a ransom if the organization falls victim to this type of cyber-attack (63% of women vs. 58% of men).

“This study helps to highlight the ongoing confusion among Americans, both at home and while at work, regarding cybersecurity,” said Ryan Naraine, head of the U.S. Global Research and Analysis Team, Kaspersky Lab. “Cybersecurity is everyone’s responsibility, and it’s imperative that the security community, businesses and governments routinely work together to educate Americans on cyber threats. We need to ensure that consumers and organizations are not only educated on the risks, but also know the best solutions for safeguarding sensitive data from cybercriminals.”

“Every business online today is vulnerable to new risks that are inevitably being passed down to their customers,” said Alex Rice, CTO and founder of HackerOne. “The data from this report highlights a growing trend that consumers cast votes of confidence in the businesses that proactively work with hackers to keep their data safe from breaches.”

Kaspersky Lab is a global cybersecurity company founded in 1997. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them.

HackerOne is the #1 bug bounty and vulnerability disclosure platform, connecting organizations with the world’s largest community of trusted hackers. More than 700 organizations, including The U.S. Department of Defense, General Motors, Uber, Twitter, GitHub, Nintendo, Kaspersky Lab, Panasonic Avionics, Qualcomm, Square, Starbucks, Dropbox and the CERT Coordination Center trust HackerOne to find critical software vulnerabilities before criminals can exploit them. HackerOne customers have resolved more than 38,000 vulnerabilities and awarded more than $14M in bug bounties. HackerOne is headquartered in San Francisco with offices in Seattle, Los Angeles, North Carolina and the Netherlands.