Online privacy news is pervasive, with a never-ending stream of headlines exposing one scandal after another. This climate has created a more wary consumer, as regulators scramble for stricter privacy laws and work to make an example of the worst offenders. Despite more effort to stymie egregious misuse of data, few individuals are taking privacy into their own hands.
It’s rare to find a consensus on much these days. 95% of Americans have expressed concern about the collection and selling of their personal information without their permission by online companies. Only half of those individuals are trying to address the issue. However, painting a clear picture of the vast gulf that exists between concern and action — a gap I find quite interesting as the CEO of a cybersecurity company.
The Silicon Valley CEO Survey
I participate in a peer group of Silicon Valley CEOs — each of whom represents companies across a wide range of industry sectors. These CEOs run companies at the forefront of the Fourth Industrial Revolution or Industry 4.0, from the cradle of the technology revolution. Pondering on this and online privacy behavior, I wondered if my CEO groups’ sentiments reflected the average US consumer – or if being headquartered in Silicon Valley made privacy concerns a substantially greater priority.
I conducted a survey of a dozen of my CEO peers to determine how they manage their online privacy, both at home and when they travel. While certainly not scientific, I was fascinated to see that, the CEOs’ answers reflected the wider consumer trends. Namely, a deep concern about online privacy, but no one doing much to try and control it.
Over 90% of the CEOs who responded to my survey said working in Silicon Valley has made them more concerned about their privacy. This figure is further supported by the same percentage who say they take extra measures to stay private online. At least half use antivirus software or a password manager, but more surprising than that, a full 36% choose to use an incognito browser, and only 10% use a Virtual Private Network (VPN). An incognito browser, while offering some help in keeping websites from tracking you with cookies, does little to protect privacy. A VPN, on the other hand, creates a secure connection that helps prevent hacking, spying, and unwanted tracking both at home and on the road.
Speaking of traveling, 90% of the CEOs I surveyed use public WiFi when away from home, and while one-third say they only use it if they have to. Nearly half use it without reservation and rarely, if ever, change the way they behave online when on a public WiFi connection. A full 73% use no additional privacy or security features when they travel.
At home, online privacy isn’t much improved. Of the 73% who use smart devices in their homes, 63% assume that either the device manufacturer or their internet service provider has taken adequate steps to protect privacy. This level of complacency is particularly surprising when taking into account that 64% said they do not trust device manufacturers or service providers to keep their data private and secure.
So why the chasm?
Whether general consumers or tech-savvy CEOs, a significant gap remains between awareness and action. I attribute this to what scholars refer to as the high-impact, low probability (HILP) scenario.
For example, climatologists and scientists warn of the potential for catastrophic weather events in the wake of global warming trends. It would seem these doomsday scenarios should be enough to motivate entire populations to change their behavior. Yet in reality, we do relatively little to personally decrease our negative impact on the environment. Scientists point to HILP to help illustrate the principle that though the risk is catastrophically high, the probability is perceived as low enough that it doesn’t induce change. In a very simple example, it’s the same reason we chow down on donuts when we know they aren’t good for us and could cause devastating health effects. High impact, without question. Low probability? Well, at the moment of indulgence, it certainly seems so.
In a similar fashion, this is how we view online privacy. Ask anyone who has had their personal data compromised, it can be a nightmare of epic proportions, one that spans years and causes significant chaos in everything from finances to medical records, identity issues and more. Yet we have lulled ourselves into a false sense of security, believing that, statistically speaking, the probability is so low it offsets the risk.
In reality, the probability is much higher than we imagine.
An exponential increase in IoT devices, combined with prolific network connectivity, little insight into who is behind the network and an ever-increasing rise in malware means the probability that each and every one of us will be involved in a catastrophic cybersecurity attack or data breach is, for all intents and purposes, predestined. In fact, it is likely to happen to us multiple times. The worst part? We may not know the true impact of the damage for years to come.
Even though I oversee a global cybersecurity company, if I’m honest, my answers aren’t a whole lot different from my CEO counterparts (with the exception of a VPN, which is one tool I believe every consumer should consider critical). The reality is that all of us allow for a sizable amount of risk in our online behaviors, hoping that we’ll somehow be the exception in the deluge of privacy breaches. For too long we’ve wanted it to be someone else’s problem to fix, but it’s clear that no one is stepping up to adequately address this issue.
Without exception, every CEO who responded to my survey agreed the tech industry is not doing enough to protect privacy. What’s more, 90% say the government should increase regulation, a particularly eye-opening statistic when you consider that Silicon Valley has always been reticent to government oversight.
Most importantly, we, as individuals, need to take a more active role in protecting our own privacy. Simple fixes like using a password manager, keeping your software up to date, employing antivirus software on every device or operating system, and investing in a VPN can help keep you private in a world that is doing everything it can to peek behind your digital curtains.
About the Author:
Paul Lipman is CEO of BullGuard, a market leader in cybersecurity. He has extensive experience building and leading security and consumer technology companies, most recently leading BullGuard’s acquisition of IoT security company, Dojo Labs. Before joining BullGuard, Paul was CEO at iSheriff, a recognized cloud security innovator. Prior to this, he held the CEO role for Total Defense, a high growth consumer security business, which was acquired by Untange in 2014. Paul has also worked in leadership positions at Webroot, Keynote Systems and Accenture. Paul holds an MBA from Stanford and a Bachelors in Physics from Manchester University. Outside of work, Paul is an avid snowboarder and amateur astronomer.
Disclaimer: The opinions expressed in this article are solely those of the contributor and do not necessarily reflect those of EC-Council.