Cybersecurity survey report: when and how we protect files
Jun 18, 2020
Cybersecurity is a game of cat and mouse. We’re trying to catch up with the bad guys, but they are always one step ahead. One way to close this gap is by educating the public.
In April 2020 we surveyed 1,400 adults from the US and the UK, asking them what they knew about cybersecurity, file protection, and how important they considered it to be.
In some ways, the data sets from the two countries overlap. For example, email is by far the most popular way to share files. But there were also some notable differences, especially when we compared how many users knew about encryption.
People are generally protective of their personal belongings. You wouldn't share your toothbrush or use a public one, would you? It’s quite different when it comes to our digital belongings. While we’re often the only ones using our smartphone, computers can be shared among family, roommates, or coworkers.
Personal computer sharing
In the US, less than half (45%) of computer users don't share their personal computer. In comparison, the number is slightly higher (49%) in the UK. However, 52% of users in the US and 50% in the UK do use a computer that's also used by someone else. This is usually a spouse (around 40% in both countries), children (around 20%), parents (6%), and coworkers(3%). Only 3% of respondents said they used a public computer.
Files stored on computers
As far as what people keep on their computers goes, personal photos are the most common file type in both countries. Almost 8 in 10 users store personal photos on their computers, while around a third of all respondents keep personally identifiable information and work-related data.
The two countries are quite different when it comes to tax records. The American tax filing system requires individuals to store their tax information, causing 33% of users in the US to store this information on their personal computers. In comparison, it’s only 17% in the UK. US users also store more medical records (23%), compared to the UK's 15%.
No matter the file type, the vast majority of users (around 7 in 10) consider photos, tax and medical records, work-related data, and personal indefinable information as very or extremely valuable.
Of course, we don't only keep files. We also share them, although that wasn’t the case for one quarter of respondents. Those who do share files mentioned email as their preferred method, with as many as 56% of users. Cloud storage services were mentioned by around 1 in 3 respondents.
There was an interesting discrepancy with messaging apps. While only one quarter of users in the US use messaging apps to share files, it's the second most common method in the UK, used by almost 1 in 2 respondents.
How people feel about cyber threats
How big of a threat is a cyber threat? It's hard to tell because when it happens, we hardly ever tell our friends and coworkers. We might feel embarrassed about clicking on the scam link or, if nothing happens right away, dismiss it as a false alarm.
Whatever the case may be, we wanted to find out how often people get in trouble online. Unfortunately, more often than you would think.
The survey showed that 55% of users in the UK had experienced a cyber attack at least once. The number is even higher in the US, with 67% of respondents. The most common incidents include:
- Computer virus - UK 33%, US 46%.
- Clicking on a link in a scam email - UK 20%, US 32%.
- Stolen password - UK 14%, US 23%.
The survey also revealed that ransomware is increasingly becoming an issue. Around 8% of users in both the UK and US had been asked to pay a ransom to regain access to their files.
Losing a device or password
Part of being good at cybersecurity is doing better the next time around, but this can't happen if the victim doesn't understand the severity of the situation. We asked people how concerned they would be if they fell victim to a cyberattack, lost a device or password.
Over 75% of users rated losing a device or finding out that someone had access to their personal computer as extremely concerning.
As many as 83% of users compared the feeling of losing a device to finding your front door open when you arrive home and personal documents being stolen. While 79% of UK users would equate losing a device with losing a wallet, 85% of US users would feel that way.
76% of UK users would be extremely concerned about a stolen email password, rating it as worse than losing a job. In the US, it would worry 72% of respondents — they rated it as worse than personal illness but not as bad as losing a job.
An incident where a cloud provider has sent photos to someone else ranked similarly to receiving a phone call from the local police.
Exposure to cyber threats
Becoming a victim of a cyberattack is awful, but there's a silver lining: it forces internet users to be more careful. Compared to respondents who hadn't experienced a cyber attack, those who did were much more likely to use passwords to protect sensitive files, use encrypted cloud storage, hide files manually, or use encryption software.
Overall, 32% of UK users who had not been exposed to cybercrime did not protect their files. This is compared to 19% who had. The gap is even bigger in the US, with 39% against 16% of users respectively.
The change of attitude towards digital security after a cybercrime is also represented by an increased interest to protect personal data. After a cyber attack, people's interest in protecting their files had risen significantly. Now, UK users were much more likely to secure both shared files and those on their computers (both 13% increase). There was also a 9% increase in the interest to protect cloud and smartphone data.
In the US, the interest to protect computer files had also increased by 13%. A 9% increase was recorded for smartphone data and files on external drives.
What do people know about encryption?
As an encryption tool, we also wanted to know whether people knew what encryption is and how interested they were in using it.
Our survey revealed that while people know what encryption is, they rarely use it to protect their files. For example, 50% of US users and 56% of UK users knew what encryption was, but only 22% respondents in the US and 25% in the UK had ever used encryption tools. Only around 11% of those surveyed use encryption regularly.
Who uses encryption?
The demographics of those who use encryption is varied. While the results from the UK users are distributed quite evenly, the picture in the US is different.
Used encryption tools at least once and use encryption now in UK:
- Aged 18-24 - have ever used 31%; use now 13%.
- Aged 25-34 - have ever used 30%; use now 13%.
- Aged 35-44 - have ever used 29%; use now 12%.
- Aged 45+ - have ever used 21%; use now 9%.
Compare that to the US, where the numbers are skewed towards one particular age group.
Used encryption tools at least once and use encryption now in the US:
- Aged 18-24 - have ever used 25%; use now 7%.
- Aged 25-34 - have ever used 37%; use now 18%.
- Aged 35-44 - have ever used 27%; use now 14%.
- Aged 45+ - have ever used 19%; use now 8%.
The UK has a relatively even gender distribution:
- Have heard about encryption: 54% males, 58% females.
- Have used encryption: 25% males, 25% females.
- Use encryption: 11% males, 10% females.
- Aged 45+ - have ever used 19%; use now 8%.
In the US, males are more likely to have heard about encryption and use it:
- Have heard about encryption: 55% males, 46% females.
- Have used encryption: 28% males, 21% females.
- Use encryption: 13% males, 8% females
There’s a lot to take away from the results of this survey. The fact alone that 1 in 2 users have fallen victim to a cyber attack is enough to give you the chills. It’s important to understand that there’s nothing embarrassing about getting a computer virus or falling victim to ransomware. The more people speak about such things, the less likely they are to happen.
If you know anyone who would be interested in the results of this survey, please share this article by clicking on the social buttons below.
John believes that the best things in life are simple. He uses the same approach when he’s writing about online security. John says that his #1 pet peeve is phishing scams. Ironically, his favorite non-work related activity is fishing.