From British Airways to Uber, recent data breaches have shown how valuable our data is to cybercriminals – and the lengths to which they will go to access it.
The size and impact of these breaches has meant that topics once reserved for tech experts and IT personnel have transitioned into a more mainstream conversation. Revelations about how important our data can be, such as the Cambridge Analytica scandal, have amplified these sentiments and changed the way in which many use digital services altogether.
To understand how UK millennials view cybersecurity, how they would react if their data was compromised and what it means for businesses today, Radware sought the opinions of 500 consumers aged between 18 and 34 in the UK.
The result is that millennials, and in fact most consumers, are very concerned about how the organisations they are trusting with their data safeguard their information – and how they will make amends if a breach does occur.
Our survey found that almost half of UK millennials now refuse to give up their personal data to businesses as they don’t trust them to keep that data safe.
- 45 per cent of those surveyed said that they never share it with companies as they did not trust them
- 14 per cent said that they share personal data only with trusted brands
- 11 per cent said that they share personal data all the time
- 6 per cent said that they use false information
Millennials are also likely to look outside the box when it comes to checking for data breaches. In our survey, almost 15 per cent said they searched the dark web to find their data, while 13 per cent used data breach search websites.
Disconnect between trust of brands vs trust of friends
But while the majority are security conscious when it comes to how businesses use their personal data, many are in fact taking risks when it comes to other forms of data security, like sharing their entertainment login details such as Netflix or Amazon Prime with friends and family.
When we consider that it has been suggested up to 80 per cent of the population use the same password for all of their online accounts, these millennial login sharers may be inadvertently be sharing their online banking and credit card passwords at the same time as sharing their entertainment account login. It’s clear to see how a problem could develop.
Paying a high price for using social media
To improve the safety of their data online, millennials are taking action:
Millennials are known for surfing the top of the social media wave, but many reported negative experiences that have caused them to rethink the way in which they interact with social platforms. Almost a quarter of millennials surveyed said that something that they posted had spoiled a friendship or relationship, while almost 20 per cent said that their social media usage had stopped them from getting a job. Public posts also had an effect on education opportunities, with 7 per cent revealing that something they posted stopped them from getting into a college or university. With these potentially life-changing opportunities at stake, it’s perhaps unsurprising that many millennials reported a shift in the way they interact with social media — although only 14 per cent said that they had left social media entirely.
- 32 per cent said that they stopped connecting with strangers
- 30 per cent said that they now delete their history or cookies regularly
- 29 per cent reported that they changed their privacy settings to give themselves more protection
- 27 per cent said that they reviewed and deleted old posts to prevent outdated or unwanted content from coming back to haunt them
- 25 per cent said that they no longer share photos or location data online
It’s important to take password hygiene seriously
There’s currently a battle going on between security and usability, with businesses and consumers both trying to find a sweet spot between a comfortable service and providing the necessary security.
For consumers, especially millennials, there are some rules of thumb that can help in this battle:
1. Protect your passwords
The most important rule is also the most obvious – protect your passwords! Unsecured login credentials are today’s number one tool for cybercriminals to access user information. Usernames and passwords are for sale on the dark web by the millions and, as mentioned before, hackers know people are often using the same password on different sites so they are likely to try using these credentials on other, more valuable, sites.
2. Avoid using the same password twice
We all struggle to remember some of the complicated passwords we have to create in order to gain access to some websites. That’s why the temptation to replicate credentials across sites is strong. After all, humans are not meant to remember passwords, and good passwords should be hard to memorise!
3. Consider using passphrases
One approach to deal with the issue is to use passphrases which are easier to remember. However, this approach can still lead to the temptation to use the same passphrase everywhere and often websites prompt the user to create passwords with variations in letter case, characters, and numbers that are themselves difficult to remember.
4. Let your computer do the hard work for you
A better approach is to let your computer take the strain and use a password manager. Using a unique random password for each site is the best way to protect yourself from data theft online as if data leaks from one site it will have no effect on the rest of the sites you visit.
5. Use two-factor
Additionally, use two-factor authentication where available. This will ensure that even if a hacker has your password, it will be very hard to break into the site. Specifically, use two-factor authentication when you log in to your password manager.
6. Keep your password manager safe
Remember, although using a password manager might be considered a risk by itself – you’re putting all of your passwords in one place, after all – security experts believe that the risk is still lower than any other password system. Modern password managers do a great job at keeping your passwords secret. But in order to lower the risk further, never log in to your password manager on an unknown device.
Jeff Curley, Head of Online Digital UK. Radware
Image source: Shutterstock/deepadesigns