With 17 additional accounts on top of existing online accounts, consumers in the Asia Pacific (APAC) region are letting their guard down in terms of password management. This is one of the significant findings of IBM’s global survey, conducted by Morning Consult, which studied consumers’ digital behaviors during the pandemic.
Digital acceleration during the COVID-19 pandemic covers not only organizations but also consumers. As businesses utilize various digital platforms, consumers also found these changes more convenient in navigating this new way of life.
While these digital platforms offer convenience and safety, in terms of preventing the spread of the COVID-19 virus, users are susceptible to cybersecurity threats. The more they provide information, the more data gathered and stored in the companies’ databases that hackers can exploit.
With so many accounts and apps to maintain, consumers are prone to recycling passwords. The IBM Security survey found 86% of APAC consumers admit to re-using their online credentials across accounts at least some of the time.
“This means that many of the new accounts created during the pandemic likely relied on reused email and password combinations, which may have already exposed via data breaches over the past decade,” IBM Security said in a media release.
As the pandemic still rages on, with some countries able to curb the spread of the virus significantly, the survey found 54% of the APAC respondents would rather place and pay for an order digitally than go to a physical location or call to place an order “even if they had concerns about the website/app’s safety or privacy,” with 60% of millennials sharing the same sentiments.
“With these users more likely to overlook security concerns for the convenience of digital ordering, the burden of security will likely fall more heavily on companies providing these services to avoid fraud,” IBM Security said.
Organizations need to adapt to the shifting consumer security landscape and ensure that their customers’ data are protected.
IBM Security suggests that organizations consider the Zero Trust Approach, which operates under the assumption that an authenticated identity or the network itself may already be compromised, and therefore continuously validates the conditions for connection between users, data, and resources to determine authorization and need. This approach requires companies to unify their security data and approach, with the goal of wrapping security context around every user, every device, and every interaction.
Personal security habits
According to IBM Security X-Force, bad personal security habits also carry over to the workplace and can lead to costly security incidents for companies, with compromised user credentials representing one of the top root sources of cyberattacks reported in 2020.
To mitigate this, companies should modernize their consumer Identity and Access Management (IAM) if they intend to continue leveraging digital channels for consumer engagement, in which providing a seamless authentication process is important. IBM Security said investing in a modernized Consumer Identity and Access Management (CIAM) strategy can help companies increase digital engagement — providing a frictionless user experience across digital platforms and using behavioral analytics to help decrease the risk of fraudulent account use.
Companies need to consider tightening their data protection and privacy tools to help prevent data breaches. There are solutions that offer strong data security controls to protect against unauthorized access — from monitoring data to detect suspicious activity, to encrypting sensitive data wherever it travels.
“Companies should also implement the right privacy policies on-premise and in the cloud in order to help maintain consumer trust,” IBM Security said.
Put security to the test
IBM Security also recommends companies should consider dedicated testing to verify that the security strategies and technologies they have relied on previously still hold up in this new landscape.
“Re-evaluating the effectiveness of incident response plans, and testing applications for security vulnerabilities are both important components of this process,” IBM Security said.
The survey was conducted in March 2021 among 22,000 adults in 22 markets (1,000 respondents per market) including Argentina, Australia, Brazil, Canada, Chile, Colombia, France, Germany, India, Italy, Japan, Mexico, Peru, Singapore, South Korea, Spain, the UK, the United States, Middle East, Central & Eastern Europe, Nordics, and BNL (Belgium, Netherlands, and Luxembourg).