People being proactive about their personal cyber risks, but poor behaviors remain – survey
Dynata polled more than 1,600 respondents in the US and Canada between August and September this year on their cyber risk attitudes and behaviors.
“One of the biggest takeaways from this report is that it validated what we were thinking around people’s awareness of their cyber risks,” said Carolyn Boris, VP of personal risk services and personal cybersecurity expert.
“During the pandemic, there was a proliferation in the use of internet-connected technologies, and with that increase came a heightened awareness in people,” Boris continued. “But the other thing that was most interesting to us was that people are taking more action as well.”
The Chubb survey found more than half of Americans and Canadians (51%) said they used multi-factor authentication (MFA) to log into their online accounts, twice the level in last year’s report. About half (48%) of respondents cleared their browser history in the past 12 months, compared to under a third (28%) the year before. More people are also using cybersecurity software (38% this year versus 25% last year) and password protection apps (35% this year versus 19% a year ago).
Read more: Closing the disconnect between cyber risk awareness and action
“Multi-factor authentication is one of best things that people can do to protect themselves and to mitigate cyber risks,” Boris said. “Nearly 80% of people said they prefer to use multi-factor authentication when logging into their accounts. That’s really telling us that people are aware and they’re trying to do something about their personal cyber safety.”
Attention to passwords has also increased. Three out of four respondents reported updating their password for their primary bank or financial account in the last 12 months. 70% said they updated a password for a digital account voluntarily – without being prompted by the provider.
While good cyber hygiene is taking root among Americans and Canadians, the Chubb survey also found some risky habits were harder to break. Half of people still use their pet’s name or other easily identifiable information as new passwords. This habit was especially sticky in high-net worth Americans and Canadians (about 85%) and Millennials (69%).
“Everyone’s trying to save some time, so sometimes it’s just easier to use an old street address when picking a new password because it’s easier to remember,” explained Boris. “Or they might be using public wi-fi in an airport or coffee shop to log into their bank accounts. Those are the types of risks you forget about in the moment when you’re trying to save time.”
Personal cyber vs identity theft insurance
Another piece of good news from the survey is that more individuals were taking out personal cyber insurance to protect their data. 39% of Chubb respondents said they have a personal policy, including a majority of mass affluent (63%) and high net-worth (83%) consumers.
However, general awareness of personal cyber insurance remains low at 39% across generations. Younger respondents like Gen Z and Millennials were more likely to be aware, while 65% of baby boomers were unfamiliar with the coverage.
Read more: Revealed – the form of cyber attack on the rise
Boris said this presents an opportunity for agents and brokers to educate clients. “Individuals and their insurance agents should be thinking about the types of risks that are out there and how they want to mitigate them,” she told Insurance Business. “There are misconceptions around personal cyber insurance and identity theft insurance; the two can be confused.”
Identity theft insurance can protect policyholders when their personal identity information is compromised in the event of a breach. But personal cyber insurance will go beyond, protecting against ransomware attacks or breaches on household interconnected devices.
“Financial loss was something very important to our respondents, and they want to know that if they suffer some type of loss from their accounts, that that would be reimbursed through a cyber protection policy,” Boris said. “If you experience a breach or disruption to household interconnected devices, you also want insurance to ensure you can correct the damage. Those are some of the things that individuals want to think about when they want cyber protection above and beyond identity theft insurance.”
Ultimately, the best advice that brokers and agents can give their clients is to be constantly vigilant and employing a variety of mitigation actions.
“We talk often about using strong passwords. But it’s also about using tools to protect yourself from any cyber threat, like using password managers or multi-factor authentication. Not sharing credit card information online and constantly updating software are also important,” Boris said.
“Finally, continually educating yourself about cyber threats and sharing that information with all individuals in your household will help ensure everybody is practicing good cyber behavior.”