A recent study found 63 percent of respondents rated their knowledge of “the cyber” - that is, cyber-security - as being higher or equal to that of President Donald Trump.
IT directors didn't hold their confidence either as 57 percent of respondents felt they were as knowledgeable or more than their IT director when it came to cyber-security issues while 63 percent felt the same about Hillary Clinton, according to Blumberg Capital's 2017 State of Cybersecurity report.
The study queried just over a thousand people and found respondents also held drastically different views than their president concerning the best way to send confidential information to keep it safe and private, with only 1 percent saying using a courier is the safest while 55 percent said hand delivering it themselves is best.
Twenty-seven percent of respondents said unencrypted email was best while 25 percent felt commercially encrypted email was the most secure.
The study also found the respondents have a false sense of security in who can protect their data with 61 percent believing their employer is extremely or very trustworthy at keeping their information secure and 52 of respondents feel the same about their doctors despite the prevalence of large scale W-2 phishing scams targeting Human Resource personnel and medical data breaches.
“Traditionally people had every reason to trust employers and doctors with their data because for decades the information was all offline,” Blumberg Capital Founder and Managing Partner David Blumberg told SC Media.” People see their employers and doctors as figures of authority and worthy of trust.”
Now that these entities are storing more data online, hackers have more potential access to valuable and irreplaceable information that was previously unavailable and with current technology, the weakest link in an organization's security is often the human factor which contributes to the reason why these entities are targeted so frequently, he said.
Blumberg said he was surprised at how overconfident people were about their knowledge in cybersecurity and that just because someone knows how to change a password doesn't mean they know more about cybersecurity than they head of the FBI or CIA.
“The stakes are higher as more information and assets are online - from banking to health records to espionage,” Blumberg said. “Yet most people believe they've never been victimized, that they're more knowledgeable than their IT director, and that changing a password is a sufficient countermeasure to protect themselves.”
Blumberg noted that it's also surprising that most people trust e-Commerce sites dramatically more than they trust social media sites where they share a lot of personal information. According to the survey, 34 percent of respondents said they were somewhat confident that they would be able to recognize if they had been hacked and 13 percent said they were extremely confident in their abilities to self-detect a breach of their data.
“On a more serious note, the overconfidence combined with a lack of knowledge is what is truly a dangerous combination,” Blumberg said. “They don't know how much they don't know. That said, even for professionals in cybersecurity it is a moving target and in many ways it is getting more difficult all the time.”