Users are also to blame for lack of data privacy
When companies experience data breaches, they come under fire from members of the public who assert they fell short and should have done better. Indeed, sometimes those establishments make significant blunders, such as by not fixing vulnerabilities promptly enough or waiting too long to tell victims about the compromised data.
However, users aren’t perfect when it comes to data either. In fact, sometimes they’re just as much to blame as the targeted companies.
After the Facebook and Cambridge Analytica fiasco that involved millions of Facebook users having their data compromised due to an illegal quiz app, many of the victims felt outraged and pledged to stop using the service, sparking a #DeleteFacebook campaign.
It seems, though, there aren’t enough people willing to carry out the actions behind their words to make a dent in the company’s profits. Most users have reportedly not stopped using the site or even altered their privacy settings after the incident. Facebook also does not have plans to try different business practices that might increase privacy.
Facebook is far from the only company that has experienced a massive data breach. Uber also made the headlines for an issue that exposed the names and email addresses of millions of customers.
While speaking at a recent conference, John Flynn, Uber’s head of information security, revealed that the main problem his company faces is the fact that users don’t care enough. He said that although user expectations have gone up regarding the involvement Uber should have in data protection, people haven’t made significant and necessary behavior changes.
Perhaps one reason why users don’t come up with adequate passwords is that they don’t have enough guidance about what constitutes a worthy one. Multiple studies involving several hundred people determined that when people learned how to make better passwords and were reminded of the consequences of not doing so, they made improvements.
A 2018 survey of 2,000 people from the U.S., Europe and Australia found 40 percent would never change their passwords if it weren’t required. Also, 55 percent would not change them even if they were made aware their accounts were hacked.
Many individuals prize convenience above all, and they don’t want to go through the hassles of potentially resetting their passwords or answering security questions if they forget them.
The rise of cloud computing has made large-scale attacks ever more attractive for hackers to carry out. Besides data breaches, there are other potential risks to cloud security ranging from ransomware to stolen credentials. However, a survey of organizations using the cloud for data storage found only 36 percent of them use encryptions or tokens to keep that content secure.
It is not surprising, then, that the scope and severity of hacking attacks are on the rise. Cybercriminals know there’s a lot at stake for successful infiltrations, and that the rewards they seek may not be correctly secured.
Companies are not blameless concerning data privacy. However, lasting improvement will come when users realize they must supplement efforts from businesses to keep data locked down and ensure they’re doing enough on their end to keep hackers shut out.
* Kayla Matthews is a technology journalist.