Survey: Americans feel their personal information is vulnerable

July 22, 2008
New report shows majority of Americans don't feel their data is adequately protected

Only an average of eight percent of Americans say they are very confident in the ability of U.S. retailers, government and banks to protect their personal information, according to a national survey commissioned by CA, and conducted by The Strategic Counsel. The CA 2008 Security and Privacy Survey was done as in follow-up to the 2006 survey.

Additionally, the consumer survey indicated that an average of 79 percent of American consumers cite loss of trust and confidence, damage to reputation, and reduced customer satisfaction as consequences of major security and privacy breaches suffered by the business or government organizations that they deal with.

According to the survey, the nature of the threats plaguing businesses has changed. While respondents report that the number of computer virus attacks, network attacks and denial-of-service attacks are all down an average of 11 percent in the 12 months preceding the 2008 survey, as compared against the data collected in 2006, the findings also reveal that the number of internal security breaches - those that come from within the organization - have increased from 42 percent in 2006 to 44 percent. Even more significant is the increase from 15 percent of the respondents reporting internal breaches in the 12 months preceding the 2003 survey to 44 percent today.

"U.S. businesses and governments recognize it doesn't take much to shake consumer confidence, and they recognize the need to do all they can to assure consumers and constituents," said Lina Liberti, vice president, CA Security Management. "Businesses used to worry about the hackers and thieves launching denial of service attacks from outside the firewall, now they recognize that their greatest danger lurks within the organization. The good news is that increasingly businesses are turning to identify and access management solutions to ensure that confidential data is safeguarded and available only to the people within the organization who genuinely need to have it."

The survey indicated that the number of organizations planning to roll out identity and access management solutions in the next 12 to 18 months increased 11 percent, moving from 49 percent in 2006 to 60 percent in 2008.

A number of Americans reported that they have fallen victim to theft of their personal information, like their Social Security Number or credit card information. Of those polled, 22 percent said they have experienced personal information theft and nearly half (48 percent) said they know someone who has had their personal information stolen, the survey said.

The CA survey also revealed that a significant majority of consumers feel that businesses and governments do not spend enough on improving online security and privacy:

- 72 percent think retailers do not spend enough on online security and privacy.

- 68 percent think the governments do not spend enough on online security and privacy.

- 58 percent think major financial institutions do not spend enough on online security and privacy.

Their suspicions are not unfounded: an average of 32 percent of U.S. security executives believe that the investment their company makes in security is inadequate, the company noted in a release.