IBM Survey: Pandemic-Induced Digital Reliance Creates Lingering Security Side Effects

IBM Security today announced the results of a global survey examining consumers’ digital behaviors during the pandemic, as well as their potential long-term impact on cybersecurity. With society becoming increasingly accustomed to digital-first interactions, the study found that preferences for convenience often outweighed security and privacy concerns amongst individuals surveyed – leading to poor choices around passwords and other cybersecurity behaviors.  

Consumers’ lax approach to security, combined with rapid digital transformation by businesses during the pandemic, may provide attackers with further ammunition to propagate cyberattacks across industries – from ransomware to data theft. According to IBM Security X-Force, bad personal security habits may also carry over to the workplace and can lead to costly security incidents for companies, with compromised user credentials representing one of the top root sources of cyberattacks reported in 2020.

The global survey of 22,000 individuals in 22 markets, conducted by Morning Consult on behalf of IBM Security, identified the following effects of the pandemic on consumer security behaviors: 

Digital Boom will Outlast Pandemic Protocols: Individuals surveyed created 15 new online accounts during the pandemic on average, equating to billions of new accounts created around the world. With 44% reporting that they do not plan to delete or deactivate these new accounts, these consumers will have an increased digital footprint for years to come, greatly expanding the attack surface for cybercriminals.

Account Overload Led to Password Fatigue: The surge in digital accounts led to lax password behaviors amongst those surveyed, with 82% of respondents admitting to reusing credentials at least some of the time. This means that many of the new accounts created during the pandemic likely relied on reused email and password combinations, which may have already been exposed via data breaches over the past decade.

Convenience Often Outweighed Security & Privacy: More than half (51%) of millennials surveyed would rather place an order using a potentially insecure app or website vs. call or go to a physical location in person. With these users more likely to overlook security concerns for the convenience of digital ordering, the burden of security will likely fall more heavily on companies providing these services to avoid fraud. 

As consumers lean further into digital interactions, these behaviors also have the potential to spur the adoption of emerging technologies in a variety of settings – from telehealth to digital identity. Read the detailed global press release- https://newsroom.ibm.com/2021-06-15-IBM-Survey-Pandemic-Induced-Digital-Reliance-Creates-Lingering-Security-Side-Effects

India findings

Digital IDs here to stay: embedding next-level security and privacy imperative

  • Indian respondents interacted with all types of businesses/organizations through websites and mobile apps more during COVID, especially banking (65%) and shopping/retail (54%). Respondents over 35 saw the largest increase in digital interactions during the Covid-19 pandemic, though all age groups saw at least some increases.

  • Indian respondents created about 19 new online accounts during the pandemic across all categories, and on average, created 3 new accounts for social media and entertainment. Indian respondents over 50 created about 27 new online accounts during the pandemic across all categories and created more new accounts across each category than any other age group.

  • Adults 35-39 Most Likely to Continue Digital-First Interactions: Across all businesses/organizations, 35-49-year-old Indian respondents are most likely to predict they will interact via website or mobile phone in life after the COVID-19 pandemic

  • Larger digital footprints here to stay: 36% of Indian respondents do not plan to delete or deactivate any of the new accounts they created during the pandemic after society returns to pre-pandemic norms

Convenience in contactless services has led to poor consumer security habits

  • Nearly half (47%) of Indian respondents mostly or always re-use the same credentials they have used for other accounts, and 17% have an even mix of re-used credentials and new credentials. 50% of 35-49-year-old Indian respondents always or mostly re-use the same credentials that they have used for other accounts.

  • A majority of Indian respondents (57%) across all demographics, except GenZers, would rather place and pay for an order digitally than go to a physical location or call to place an order even if they had concerns about the website/app’s safety or privacy.

  • Security and Privacy were top reasons to avoid using an app – but most still choose to use either way. About four in ten Indian respondents would avoid using an online platform to shop or place an order over concerns over app or website privacy (40%) and concerns over an app or website security (38%)

  • A majority (51%) of respondents in India would remove permission for an application track behavior if the app were tracking activity across other apps and websites

  • Four in ten (39%) Indian adults always allow an application to track activities across other apps and websites when asked.

  • Nearly half (49%) of Indian respondents store their online account information in their memory, and over a third (35%) store their information on a piece of paper.

Pandemic produces savvier consumers: can businesses keep up?

  • Over half of Indian respondents trust healthcare (51%) and banking/financial institutions (56%) a lot to protect their personal/sensitive information. Social Media is ‘Most Distrusted’ with 22% saying they trust those businesses ‘not much’ or ‘not at all.'

  • Indian respondents generally prefer biometrics to log in to existing accounts for banking/financial instructions but prefer single-sign-on/social media logins or email/username and password for accounts across other categories

  • Over seven in ten respondents in India have used a two-factor or multi-factor authentication to access an online account across all time periods

  • Bad UX Leads to Lost Business: About 40% of Indian respondents have given up on an online purchase, application, or transaction based on negative experiences logging in (42%), signing up (40%), or completing the payment (41%)

  • A majority (56%) of respondents in India expect to spend between 1-5 minutes setting up a new digital account

Prashant Bhatkal, Security Software Sales Leader, IBM Technology Sales, India/South Asia, “The big takeaway from this survey is that consumers have become accustomed to the convenience of digital interactions during the pandemic, and this trend is expected to continue even after society returns to pre-pandemic norms. Companies that are more reliant on digital engagement with consumers during the pandemic must consider the effects of these changes on their security risk profile.

Today, organizations across various sectors must look to embed advanced tools, leveraging AI and analytics, to modernize their Identity and Access Management platforms in the current hybrid environment. The need of the hour is to provide a frictionless user experience across digital platforms while creating a stronger security posture and limiting potential risk. To assure the greatest levels of security, companies in India must adopt a ‘Zero-trust’ approach,  develop and understand the context around every user, every device, and every interaction making it a mission-critical agenda.”

 

Detailed report- http://ibm.biz/IBMSecurity_ConsumerSurvey 

 

 
Methodology: This study was conducted by Morning Consult on behalf of IBM from March 12-26, 2021. The study was conducted among 22,000 adults -- with 1000 each in the following 22 markets: Argentina, Australia, Brazil, Canada, Chile, Colombia, France, Germany, India, Italy, Japan, Mexico, Peru, Singapore, South Korea, Spain, UK, US, Middle East, Central & Eastern Europe, Nordics, and BNL (Belgium, Netherlands, and Luxembourg). The study was conducted online and the data were stratified to match a target sample of adults in each country on age and gender, then weighted based on age, gender, race, and education level. Results for the global results have a margin of error of +/- 1% and results for each country have a margin of error of +/- 3% at a 95% confidence level.