Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

Survey Examines Cybersecurity Perception in U.S.

Survey Highlights Widely Divergent Views on State of Cyber Security in America

A new survey of American adults’ perceptions of cybersecurity and hackers shows both a generational and a gender divide in attitudes. Young adults often display a more pragmatic approach compared to a more hardline attitude from older Americans, while there is a frequent difference between the genders.

Survey Highlights Widely Divergent Views on State of Cyber Security in America

A new survey of American adults’ perceptions of cybersecurity and hackers shows both a generational and a gender divide in attitudes. Young adults often display a more pragmatic approach compared to a more hardline attitude from older Americans, while there is a frequent difference between the genders.

5000 American adults aged 16+ responded to an online survey conducted by Opinion Matters for HackerOne and Kaspersky Lab during December 2016. The purpose was to get insight into consumers’ perception of the hacker mindset and motivation without specifically differentiating between blackhat hackers and whitehat researchers.

The generational divide is clearly shown in the respondents’ attitude towards hacker motivation. Fifty-two percent of respondents aged 45-55+ believe that hacker motivation is to be malicious, and 59% believe the motivation is to create problems. Only 35% of those aged 16-24 think hackers hack with malicious intentions.

However, far fewer Americans believe in ‘good intentions’: 15% believe hackers hack to report vulnerabilities, and only 14% believe they are motivated by ‘good feeling’ in helping companies and government understand security weaknesses.

Knowledge of bug bounty and pentesting operations seems to make little difference to Americans’ buying behavior. Only 22% say they are more likely to make a purchase from companies that use these to protect their services, while 54% say it will make no difference.

Of particular interest is the response to a question about current politics: “Do you think North America will be more vulnerable to cyber-espionage or nation-sponsored cyberattacks with Donald Trump as President of the United States?” Only 28% believed in December 2016 that Trump policies will definitely make the US more vulnerable. Sixteen percent thought it possible, but 56% didn’t “think the risk will be any higher than before.”

Advertisement. Scroll to continue reading.

This seems to be in sharp contrast to current thinking from the government agencies tasked with protecting the US. The Observer yesterday published an article headlined “Intelligence Community pushes back against a White House it considers leaky, untruthful and penetrated by the Kremlin.” Written by John Schindler, a former National Security Agency analyst and counterintelligence officer, it claims, “Our Intelligence Community is so worried by the unprecedented problems of the Trump administration… that it is beginning to withhold intelligence from a White House which our spies do not trust.”

Of particular concern is a series of December telephone conversations between national security adviser Michael Flynn and the Russian embassy in Washington which would have been automatically monitored by US SIGINT (discussed in detail in The Washington Post on Thursday last week).

The implication is that the American people had greater trust in Trump’s national security in December 2016 than the US intelligence community has in February 2017. 

The survey (PDF) question also highlights both the generational and gender differences among American attitudes. Men are less concerned than women (60% vs 52%) about the state of cybersecurity under the new administration, while millennials (aged 16-24) “were the most likely to think that North America would be more vulnerable to cyber espionage or nation-sponsored cyberattacks with Donald Trump as president (56%).”

Particularly concerning, however, is that the majority of consumers do not trust their own employers. “Only 36% of U.S. adults,” says the report, “said that they would choose to be a customer of their own employer knowing what they know about their company’s cybersecurity program and ability to protect customers from cyber criminals.”

“This study,” concludes Ryan Naraine, head of the U.S. Global Research and Analysis Team at Kaspersky Lab, “helps to highlight the ongoing confusion among Americans, both at home and while at work, regarding cybersecurity. Cybersecurity is everyone’s responsibility, and it’s imperative that the security community, businesses and governments routinely work together to educate Americans on cyber threats. We need to ensure that consumers and organizations are not only educated on the risks, but also know the best solutions for safeguarding sensitive data from cybercriminals.”

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Security Infrastructure

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.

Management & Strategy

Hundreds of companies are showcasing their products and services this week at the 2023 edition of the RSA Conference in San Francisco.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture

Funding/M&A

Identity and access governance vendor Saviynt has closed a $205 million financing round.

Cloud Security

The term ‘zero trust’ is now used so much and so widely that it has almost lost its meaning.

ICS/OT

Security orchestration, automation and response (SOAR) provider Swimlane on Monday announced the launch of a security automation solution ecosystem for operational technology (OT) environments.

Identity & Access

The National Security Agency (NSA) has published a series of recommendations on how to properly configure IP Security (IPsec) Virtual Private Networks (VPNs).