“By checking this box I agree to accept the terms and conditions that I have not read.”
Even now, I only become aware of my lax attitude toward personal security because we’ve been working closely with RSA on a study conducted by the Ponemon Institute on consumer security perceptions. To be fair I’ve never (that I know of…) been a victim of fraud or identity theft, which might account for my lack of security self-awareness. Otherwise I’d like to think my behavior might change.
I’m far from alone in my behaviors. RSA’s research found that 45% of consumers state recent breaches have not affected their use of credit or debit cards. And I’m as guilty as any of them with my bad security behavior. In fact, I often say that the only reason my credit card hasn’t been compromised has nothing to do with my security consciousness, but is because I forget my password every time I go to log-in, forcing me to create a new one each time.
I can understand why the average person might develop these bad habits due to a lack of understanding the implications of poor practices. But I spend my days supporting the IT security organizations fighting the good fight against cybercriminals and promoting safer online practices. So what’s my excuse? Why don’t I eat my own safe and secure dog food?
The truth? I chalk it up to a mix of apathy and fatalism and put blind trust in the things I download (and now that I’ve put that it writing I see how dumb that is). For everything else I figure if I get hacked, I get hacked, what can I really do at this point to stop it when fraudsters have graduated to installing POS malware at all the stores I shop at and ATM skimmers where I get my cash?
I understand the naiveté of my reasoning here. Of course there are a lot of things I can do to improve my personal security: keep detailed records of all my purchases, pay close attention to my credit and debit card statements, change my passwords regularly and employ multi-factor authentication where I can.
A lot can be said about how businesses can improve their security practices to better protect their consumers (but that’s a whole other blog), but from the individual consumer perspective, it’s not too hard to do our part too. Especially with the holiday shopping season fast approaching (CHEN’s hood in DTX has already begun putting up decorations) it’s a good a time as any to be mindful of how we treat our sensitive personal information.