A recent poll reveals that a majority of American shoppers do not feel the need to change their shopping habits following a series of data breaches that have rocked retail giants including Target, Neiman Marcus, and Michaels.Of the 1,060 adults interviewed between January 17 and January 21, more than half of the poll’s respondents answered they have not checked their credit reports (57-41), changed their passwords on some of the affected retailers’ websites (66-33), or signed up for credit monitoring services (80-18).
These findings, which were collected by the AP-GfK poll, seem to suggest that the American public considers data breaches a regular part of life and therefore feels no need to alter its shopping behavior.
That, or Americans feel no desire to do so—even though they should.
Later in the same poll, 88 percent of respondents answered that it is retailers’ responsibility to protect their data, as compared to 37 percent who said that some responsibility rests with consumers.
Perhaps they are right. After all, a survey conducted by Cisco revealed that of 30 different networks of companies that are in the Fortune 500 list, all of them were transmitting information to at least one website that hosts malware. The implications of this revelation are terrifying to imagine. In the very least, they point to the fact that most if not all American businesses have a serious cyber security problem.
To their credit, U.S. retail companies and corporations are not unaware of this problem. They have read about the lawsuits others have faced following serious data breaches. As a result, many companies are today appealing to Washington for help. Specifically, they are asking Congress to create a unified standard by which they would notify customers that their information had been breached. Advocates support this measure largely because of what they see as failings in the current privacy law arena: 46 states have different privacy breach notification laws, which make compromises like Target’s all but impossible to address.
Or perhaps Americans feel a lack of responsibility for their data’s security because they are actually concerned about something else.
The AP-GfK poll revealed another finding: 60 percent of Americans are more worried about protecting their privacy than they are about the government safeguarding them against terrorism, including via cyber security measures.
This presents an interesting paradox. Americans want their data kept safe, but they want nothing to do—and even disagree—with the processes and measures designed to do so. Clearly, there is a significant disconnect in the way in which the American public conceptualizes cyber security.
The poll supports the view that Americans are resisting becoming implicated in the processes designed to keep data safe. But as the true extent of Target’s breach becomes known, perhaps U.S. businesses, Congress, and most importantly the American people will begin to appreciate the scale of the cyber security problem—and what they must do to address it.
David Bisson | @DMBisson
Bio: David is currently a senior at Bard College, where he is studying Political Studies and writing his senior thesis on cyberwar and cross-domain escalation. He also works at the Hannah Arendt Center for Politics and Humanities at Bard College as an Outreach intern. Post-graduation, David would like to leverage his extensive journalism experience as well as his interest in computer coding and social media to pursue a career in cyber security, both its practice and policy.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.