The survey involved more than 26,000 respondents, interviewed face-to-face and in their own mother-tongue by TNS Opinion. The results are re-assuring in some cases, to be expected in others – and yet still somewhat surprising. For example, while use of the internet and attitudes towards security vary between different nation states, one of the most fundamental findings of the survey will not surprise security pundits at all: people are increasingly concerned about security, but do relatively little about it.
Eighty-nine percent of respondents avoid disclosing personal information online; and yet 52% use social networks, where disclosing personal information is rife and almost inevitable. Seventy-four percent of respondents believe the risk of cybercrime has increased over the last year, 72% do not trust websites to keep their data safe, and 66% do not believe public authorities will keep their data safe. But despite these concerns, only 51% of respondents have installed anti-virus software, while 53% have not changed online passwords during the last year.
This contradiction was not lost on Cecilia Malmström, EU Commissioner for Home Affairs, who commented, “While ever more people are making the most out of the Internet and benefit from the digital economy, it is not surprising that security of personal information and online payments top the list of our concerns. What is more surprising is that only half of Europeans take effective measures to protect themselves from cybercrime.”
André Stewart, president international at Corero Network Security, was drawn to the same issue. “There is a gap between perception and action,” he told Infosecurity. “The UK ranks among the highest in the number of people saying they were very well or fairly well informed about online security. However, fewer than half – slightly below the EU average – have installed antivirus software, and less than 40% avoid opening emails from people they don’t know.”
Just as the concern over cybercrime is growing, so too are the effects. Twelve percent of internet users across the EU have experienced online fraud, and 8% have experienced identity theft. Looking at these figures, Ian Pearson, CEO at Ballintrae believes it is a problem that could be easily tackled. “Over the past few years,” he told infosecurity, we have “recognized identity theft and fraud in online transactions as a growing trend – and the anguish caused to individuals is immense.” His solution is relatively simple. “Secure and cost effective ways of confirming a person's identity using voice biometrics mean that there is no excuse today for businesses not to be able to verify who the individuals appear to be.”
One of the problems highlighted by the report is that people do not feel well-informed about the risks of cybercrime. Fifty-nine percent of respondents considered they were not “very or at all well informed about the risks,” while only “38% say they are very or fairly well informed.” This perhaps indicates the way forward. “There is a clear link between being well informed and feeling confident online,” says the report. Although the report also shows that feeling confident and behaving securely do not necessarily go hand-in-hand, nevertheless education in both the threats and solutions must become a priority for the EU.