Google: Users still aren't getting message about online security

Google researchers say that experts and non-experts go about protecting their digital privacy in very different ways, according to survey results they plan to present at the upcoming Symposium on Usable Privacy and Security.

Google researchers say that experts and non-experts go about protecting their digital privacy in very different ways, according to survey results they plan to present at the upcoming Symposium on Usable Privacy and Security.

The importance of regular software updates is apparently lost on a large proportion of Internet users who aren't security experts, the survey found. Just 2% of non-experts said that routinely patching software was high on their list of security priorities, compared to 35% of experts.

+ ALSO ON NETWORK WORLD:Hacker: 'Hundreds of thousands' of vehicles are at risk of attack | How to check if you've been attacked by Hacking Team intrusion malware+

In fact, the researchers wrote in a blog post, many non-experts were concerned that software updates could themselves pose a security risk. "I don't know if updating software is always safe," said one respondent. "What [if] you download malicious software?"

By contrast, non-experts were much more likely to list anti-virus software as one of their most important safety precautions, despite the fact that such software, by itself, doesn't provide a defense against many of the online threats they face today. While just 7% of experts said anti-virus software was one of their top three precautions, fully 42% of non-experts rated it that highly.

There was, however, some common ground. Both groups listed strong password management as a key part of staying safe online, even though experts were much more likely to use dedicated password management apps than users.

By and large, however, Google's researchers say their data shows that, despite years of breaches, hacks and privacy violations of every imaginable kind, the best security practices are still not generally understood.

"Our findings highlight fundamental misunderstandings about basic online security practices," they wrote. "Software updates, for example, are the seatbelts of online security; they make you safer, period. And yet, many non-experts not only overlook these as a best practice, but also mistakenly worry that software updates are a security risk."

Join the CSO newsletter!

Error: Please check your email address.

Tags GooglesecurityHacking Team

More about Google

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jon Gold

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place