Consumers Hold Businesses Accountable for Protecting Data

Financial institutions have the best reputation when it comes to dealing with hacks relative to other industries, a new survey by IT security specialist Centrify finds.

centrify and passwords

Two-thirds of adults in the United States are at least somewhat likely to stop doing business with a company that has suffered a cyber-security breach, according to a report commissioned by IT security specialist Centrify.

That number is even higher in the UK, where 75 percent said they are somewhat likely to stop doing business after a hack.

The survey found that financial institutions have the best reputation when it comes to dealing with hacks relative to other industries, receiving the best rankings among seven different industries in terms of how well they handle security issues for their customers.

Medical and health organizations were a clear second place of the seven industries, followed by government. There is less faith in retail businesses, which ranked fourth of seven in each country, and travel sites, which ranked fifth of seven in each country.

Bringing up the rear were membership and hospitality businesses, which received the lowest rankings by a wide margin.

"The most concerning finding was that simple passwords are typically still the only measure taken to secure data. Consumers may not realize it, but in the past two years, billions of usernames and passwords have been stolen," Chris Webber, security strategist at Centrify, told eWEEK. "This is made simple because passwords are simple for attackers to crack, and are often reused across apps, sites and services. Relying on passwords puts us all at risk."

According to the survey, the majority of people hold corporations accountable for securing customer data.

"While it's true that businesses need to protect against breaches, consumers should use the tools available to make it harder to get their private data," Webber explained. "Many services, like Amazon and Google, and many banks, offer two-step verification. This protects your account by requiring you to provide a time-based code sent via text message to your phone. It's easier than it sounds, and it means stolen passwords are no longer effective for compromising your data."

The study, which surveyed 2,400 people across the U.S., UK and Germany, also found that most consumers believe that the burden of responsibility for hacks rests almost entirely on the businesses.

"I think more apps, sites and services will provide stronger authentication—something more than just passwords," Webber said. "The SMS-based verification, a simple type of multifactor authentication, means that consumers will have something better than a simple password to protect their data. As consumers realize they can play an active part in their own security, without compromising convenience, we'll see companies shift to stronger security."