Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

Survey Examines Cybersecurity Perception in U.S.

Survey Highlights Widely Divergent Views on State of Cyber Security in America

A new survey of American adults’ perceptions of cybersecurity and hackers shows both a generational and a gender divide in attitudes. Young adults often display a more pragmatic approach compared to a more hardline attitude from older Americans, while there is a frequent difference between the genders.

Survey Highlights Widely Divergent Views on State of Cyber Security in America

A new survey of American adults’ perceptions of cybersecurity and hackers shows both a generational and a gender divide in attitudes. Young adults often display a more pragmatic approach compared to a more hardline attitude from older Americans, while there is a frequent difference between the genders.

5000 American adults aged 16+ responded to an online survey conducted by Opinion Matters for HackerOne and Kaspersky Lab during December 2016. The purpose was to get insight into consumers’ perception of the hacker mindset and motivation without specifically differentiating between blackhat hackers and whitehat researchers.

The generational divide is clearly shown in the respondents’ attitude towards hacker motivation. Fifty-two percent of respondents aged 45-55+ believe that hacker motivation is to be malicious, and 59% believe the motivation is to create problems. Only 35% of those aged 16-24 think hackers hack with malicious intentions.

However, far fewer Americans believe in ‘good intentions’: 15% believe hackers hack to report vulnerabilities, and only 14% believe they are motivated by ‘good feeling’ in helping companies and government understand security weaknesses.

Knowledge of bug bounty and pentesting operations seems to make little difference to Americans’ buying behavior. Only 22% say they are more likely to make a purchase from companies that use these to protect their services, while 54% say it will make no difference.

Of particular interest is the response to a question about current politics: “Do you think North America will be more vulnerable to cyber-espionage or nation-sponsored cyberattacks with Donald Trump as President of the United States?” Only 28% believed in December 2016 that Trump policies will definitely make the US more vulnerable. Sixteen percent thought it possible, but 56% didn’t “think the risk will be any higher than before.”

This seems to be in sharp contrast to current thinking from the government agencies tasked with protecting the US. The Observer yesterday published an article headlined “Intelligence Community pushes back against a White House it considers leaky, untruthful and penetrated by the Kremlin.” Written by John Schindler, a former National Security Agency analyst and counterintelligence officer, it claims, “Our Intelligence Community is so worried by the unprecedented problems of the Trump administration… that it is beginning to withhold intelligence from a White House which our spies do not trust.”

Advertisement. Scroll to continue reading.

Of particular concern is a series of December telephone conversations between national security adviser Michael Flynn and the Russian embassy in Washington which would have been automatically monitored by US SIGINT (discussed in detail in The Washington Post on Thursday last week).

The implication is that the American people had greater trust in Trump’s national security in December 2016 than the US intelligence community has in February 2017. 

The survey (PDF) question also highlights both the generational and gender differences among American attitudes. Men are less concerned than women (60% vs 52%) about the state of cybersecurity under the new administration, while millennials (aged 16-24) “were the most likely to think that North America would be more vulnerable to cyber espionage or nation-sponsored cyberattacks with Donald Trump as president (56%).”

Particularly concerning, however, is that the majority of consumers do not trust their own employers. “Only 36% of U.S. adults,” says the report, “said that they would choose to be a customer of their own employer knowing what they know about their company’s cybersecurity program and ability to protect customers from cyber criminals.”

“This study,” concludes Ryan Naraine, head of the U.S. Global Research and Analysis Team at Kaspersky Lab, “helps to highlight the ongoing confusion among Americans, both at home and while at work, regarding cybersecurity. Cybersecurity is everyone’s responsibility, and it’s imperative that the security community, businesses and governments routinely work together to educate Americans on cyber threats. We need to ensure that consumers and organizations are not only educated on the risks, but also know the best solutions for safeguarding sensitive data from cybercriminals.”

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Security Infrastructure

Security vendor consolidation is picking up steam with good reason. Everyone wants to improve security efficiency and effectiveness while paying for less.

Management & Strategy

Hundreds of companies are showcasing their products and services this week at the 2023 edition of the RSA Conference in San Francisco.

Cloud Security

The term ‘zero trust’ is now used so much and so widely that it has almost lost its meaning.

Security Infrastructure

Instead of deploying new point products, CISOs should consider sourcing technologies from vendors that develop products designed to work together as part of a...

Security Infrastructure

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.

Audits

The PCI Security Standards Council (SSC), the organization that oversees the Payment Card Industry Data Security Standard (PCI DSS), this week announced the release...

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture