91% of Americans Worried About Online Security Threats; Nearly Half Say They’re at Greater Risk Now Than Before the Pandemic, and Almost Two-Thirds Believe That Cybercriminals Could Target Their Household in the Next Year

BURLINGTON, Mass. — July 20, 2021 —

According to a new Sophos Home survey, “The State of Consumer Home Cybersecurity 2021,” consumers are increasingly concerned about their online security and imminent attacks. Forty-five percent of consumers say they’re more at risk of being hit by an attack now than they were before the pandemic, and 61% believe their household could be the target of an attack in the next year. Despite these concerns, the research findings show that security practices are falling short for many.

“Consumers are largely in the dark about cybersecurity,” said Chester Wisniewski, Sophos principal research scientist. “The findings show that many consumers are woefully uninformed about threats like ransomware, the likelihood and risk of these threats within their homes, and how to protect their families. The data also indicates that a number of consumers think they know more about cybersecurity than they actually do. All of this results in a false sense of security, and while it’s no excuse, it’s no doubt a reason why many consumers are failing to meet the security basics.”

The survey polled 2,500 consumers across all regions of the U.S. Key findings include:

  • 91% of consumers are worried about online security threats affecting their household – specifically viruses and malware (60%), identity theft (55%), financial fraud (48%), and ransomware (45%); for parents, the top concern is inappropriate content (39%)
  • 45% believe they’re more at risk of being hit by an attack now than they were 12 months ago, before the pandemic
  • 18% report that someone in their household suffered from a ransomware attack, nearly half of which occurred in the last year; 29% of which paid the ransom
  • 69% believe that working from home introduces new security risks
  • 61% believe that they or someone in their household could be the target of an online attack in the next 12 months

“Ransomware has become a household term and an understandable concern for everyday consumers – especially in the wake of the Colonial Pipeline and Kaseya attacks – but the fact of the matter is that ransomware attackers are looking to make a profit and they’re targeting businesses first and foremost,” said Wisniewski. “Consumers aren’t off limits, however. While the risks to consumers are lower than those for well-funded organizations, they’re still very real risks and consumers need to take the necessary steps to protect themselves and their families. They simply can’t afford to overlook basic security practices like backing up data, protecting passwords, and updating and patching devices and applications.”

Online Security Bad Habits

The new research findings shine light on several areas where consumer security practices are lacking, including:

  • 20% never backup data to the cloud
  • 24% don’t have or use a password manager
  • 36% don’t update or patch their operating system and applications when prompted, or check to do so at least weekly
  • Just 35% of parents have set up separate user accounts on devices that their children use, and only 44% have user passwords set up at all on these devices
  • Only half (50%) of parents have added parental controls on devices that their children use, and only 42% have set up safe browsing or a web content filter

The Silver Lining

The good news is that most households (83%) have a designated “IT boss” who manages security on all devices within their homes; only 10% don’t, according to the research. Additionally, nearly half of consumers say they’re also responsible for managing devices outside of their homes. This number is highest in the Northeast, where a majority (54%) own this responsibility for extended family and friends.

About the Survey

The State of Consumer Home Cybersecurity 2021” report highlights findings of an independent survey conducted by Vanson Bourne among 2,500 consumers based in the U.S. The survey was conducted in February 2021.

About Sophos

Sophos is a global leader and innovator of advanced security solutions that defeat cyberattacks, including Managed Detection and Response (MDR) and incident response services and a broad portfolio of endpoint, network, email, and cloud security technologies. As one of the largest pure-play cybersecurity providers, Sophos defends more than 600,000 organizations and more than 100 million users worldwide from active adversaries, ransomware, phishing, malware, and more. Sophos’ services and products connect through the Sophos Central management console and are powered by Sophos X-Ops, the company’s cross-domain threat intelligence unit. Sophos X-Ops intelligence optimizes the entire Sophos Adaptive Cybersecurity Ecosystem, which includes a centralized data lake that leverages a rich set of open APIs available to customers, partners, developers, and other cybersecurity and information technology vendors. Sophos provides cybersecurity-as-a-service to organizations needing fully managed security solutions. Customers can also manage their cybersecurity directly with Sophos’ security operations platform or use a hybrid approach by supplementing their in-house teams with Sophos’ services, including threat hunting and remediation. Sophos sells through reseller partners and managed service providers (MSPs) worldwide. Sophos is headquartered in Oxford, U.K. More information is available at www.sophos.com.