Cybersecurity breaches seem to be a constant part of modern life, with a new high-profile leak or hack happening almost every week. Despite this, however, British people still aren’t taking adequate steps to protect their data, according to findings published by Cyber Security Europe.
In a survey of over 1,000 people living in the UK, almost a quarter – 23% – admitted to regularly using either their name or date of birth as their password in online accounts – an absolute no-no in ensuring a secure account.
Furthermore, 11% – slightly more than one in ten – said that they only use one or two passwords for all their online accounts, meaning that if one were to be breached, hackers could easily gain access to the others.
Even major attacks affecting large percentages of the population don’t seem enough to prompt people to take better cybersecurity precautions, as 76% of people say they never update passwords after a major breach.
This is particularly bad news for British businesses, which not only have in the past been accused of not doing enough to protect their customers from cybersecurity incidents, but which will be subject to the General Data Protection Regulation (GDPR) from next year, meaning they could be in serious trouble if poor employee practices leave customer data exposed.
Despite this, only 16% of respondents say their workplaces have increased focus on cybersecurity since the WannaCry ransomware attack earlier this year, the most devastating attack to hit UK businesses of late.
In addition, 60% of people said they only used logins and passwords for online security at work, which given how many people use poor passwords, poses a serious security risk for companies.
“A surprising amount of people still seem oblivious to the threat posed to their personal and, in fact, business information by using their name or date of birth as their passwords,” said Bradley Maule-ffinch, director of strategy for Cyber Security Europe.
“Nowadays, this is far from being just a personal issue. We have seen a spate of prolific attacks and breaches this year alone and businesses must ensure that employees are educated about the basics such as password security.
“With the advent of Internet of Things, increasing numbers of people using their own personal devices to connect to business networks which is an ever-growing threat landscape. This could prove a costly vulnerability for organisations in the wake of GDPR.”