Poll Says U.S. Adults Believe Companies Pass Along Costs of Cyber Security Breaches

Citadel Security Software Inc., a leader in full life cycle vulnerability management and policy enforcement solutions, announced the results of a nationwide poll measuring consumer attitudes toward cyber security. The poll found that a majority of U.S. adults (51%) believe that companies recoup the costs associated with an IT security breach by passing the financial burden on to consumers. The poll was conducted by Harris Interactive(R) and surveyed a total of 2,015 adults aged 18 and older, residing across the United States.

The survey defined the costs associated with a cyber security breach as including costs to fix systems, business downtime and lost or damaged information. Two-thirds (64%) of adults disapprove of companies passing these costs on to them. One in three (33%) of those surveyed would support government legislation ensuring that all companies use the same security standards to protect the security of their IT infrastructure.

Those who favor legislation have made it clear in this poll that they want severe punishment for companies that do not comply with any new laws. Ninety-four percent of adults who support legislation that would ensure that all companies use the same security standards to protect the security of their IT infrastructure favored consequences of some type. Seven in ten (70%) of those favoring legislation, or almost one in four of all respondents (23%), want to see companies fined for violating IT security legislation. Other consequences ranged from adding a company to a consumer "blacklist" that is publicly available (54%), to jail time for high-level executives, including the CEO (15%).

"I am hopeful that continuing awareness and pressure from consumers will get the attention of corporate America and that all businesses will be more proactive in addressing their cyber security responsibilities on behalf of their customers, the American people and the U. S. economy," stated Congressman Adam H. Putnam, Chairman of the House Government Reform Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census.

"I believe that cyber security is an issue that companies can resolve without government intervention, however time is running out to take pro-active measures toward securing systems," said Steve Solomon, CEO of Citadel Security Software. "This Harris Interactive survey shows that consumers are aware they are paying for companies to clean up after cyber security breaches, and they aren't happy about it. With many consumers calling for legislation and fines, companies need to regain confidence by eliminating vulnerabilities before arduous and costly legislation is mandated."

Citadel is dedicated to educating both the public and private sectors on best practices for bridging security and operations departments to develop, implement and enforce security policies. This survey was conducted as part of Citadel's contribution to National Cyber Security Awareness Month, occurring in October.

Harris Interactive(R), via its QuickQuery(SM) online omnibus, fielded the four question survey on behalf of Citadel Security Software. The online sample consisted of 2,015 adults nationwide and was comprised of 932 men and 1,083 women - 18 years of age or older.

The data were weighted to be representative of the total U.S. adult population on the basis of region, age within gender, education, household income, race/ethnicity and propensity to be online.

Interviewing for the survey was completed on August 23-25, 2004.

In theory with probability samples of this size one can say with 95 percent certainty that the sampling error is plus or minus 2.2 percentage points. This online sample was not a probability sample.