Seventy percent of Americans surveyed by ESET are worried about the misuse of personal data supplied to websites when banking or shopping online, and an overwhelming majority of Americans now see cybercrime as a threat to their country, one that is getting worse. These are some of the key findings of the ESET Cybersecurity Barometer, a survey that polled 3,500 adults in North America (2,500 in the US and 1,000 in Canada).

As a researcher who has been monitoring cybersecurity-related surveys for many years, I have noticed growing public concern about cybercrime, but I was shocked to see these results: nine out of 10 Americans surveyed agreed that cybercrime was “an important challenge to the internal security of the USA”.

As a student of criminology I was also shocked to see that respondents thought cybercrime was a more important challenge than drug trafficking or money laundering. Almost equally worrying was the finding that less than half of Americans surveyed think that the authorities, including law enforcement, are doing enough to fight cybercrime.

What kind of barometer is this?

The ESET Cybersecurity Barometer is a survey designed to assess the public’s attitudes towards, and experiences of, cybercrime, cybersecurity, and data privacy. What makes it different from other surveys – like those designed by companies that sell security products and services – is that this “barometer” was designed by government policy makers.

The survey uses a set of questions that is consistent with surveys conducted in the EU for the European Commission. The intent is to produce data that can be used with confidence by policy makers and decision makers because the results will withstand challenges based on accusations of survey design bias. Over time, results from surveys like this will allow longitudinal studies and international comparisons.

The parallel report for Canada is here: ESET Cybersecurity Barometer Canada.

What stands out?

For me, the most striking finding from this survey was the depth of concern that respondents expressed about the threats posed by cybercrime, and their lack of faith in things getting better any time soon. Some 87% of respondents said they expect the risk of becoming a victim of cybercrime to increase.

Additional findings of interest are the ways in which Americans are reacting to cybercrime, including a troubling percentage of respondents who say they are less likely to shop or bank online due to security and privacy concerns (19% and 20% respectively). These percentages surely represent lost opportunities for retailers and financial firms. Digital marketers should also note that 44% of respondents said that security and privacy concerns prompted them to give out less personal information on websites.

The report also documents the relationship between concerns about cybercrime and the rate at which such crime is encountered. For example, about 70% of the adult Americans that we surveyed reported receiving fraudulent emails or phone calls asking for their personal details. A similar percentage expressed concern about this activity.

However, a much larger number of people were concerned that they might become victims of identity theft (86%), but the percentage of respondents who reported experiencing identity theft was a lot less than half that number (30%). To be clear, it is pretty shocking that three out of 10 Americans have experienced ID theft, but as the report discusses, we can learn from this high ratio of concern to experience.

Why do this research?

As regular readers of will know, I have previously laid out the arguments for assessing public opinion regarding cybercrime and cybersecurity. You can read them here: Why ask the public about cybercrime and cybersecurity?

As I see it, people elect the government and help to determine cybercrime policy. People foot much of the tax bill for law enforcement efforts to reduce cybercrime. Therefore, knowing what the public thinks about cybercrime and cybersecurity and data privacy is essential to successful cybercrime policy development and critical to success in society’s cybersecurity efforts.

In my opinion, the survey results reported here are the strongest indication yet that, unless cybersecurity and cybercrime deterrence are treated as higher priorities by government agencies and corporations, the rate at which systems and data are abused will continue to rise, further undermining the public’s trust in technology. As I say in the report, maintaining and increasing that trust is vital to America’s economic wellbeing, now and in the future.