The Cyber Security Agency of Singapore (CSA) released the key findings of the Cybersecurity Public Awareness Survey 2019 today. The survey polled 1,000 respondents between 17 and 23 December 2019.
This survey has been conducted annually since 2016, and measures public awareness and adoption of cyber hygiene practices, as well as attitudes towards cyber incidents.
The survey revealed that there were high levels of concern for cyber incidents. Most respondents also agreed that everyone has a role to play in ensuring cybersecurity. However, there continued to be room for improvement in respondents’ cyber hygiene.
The majority did not install security applications in their devices despite knowing the risks. Many respondents continued to think that cyber incidents would not happen to them. In addition, respondents faced difficulty in identifying phishing emails.
The key findings are as follows:
Difficulty in identifying phishing emails
The 2019 survey made a deeper dive to understand respondents’ awareness of phishing, as it remains a popular way for attackers to target their victims. Although two-thirds of the respondents (66%) said that they knew what phishing was, only four percent could identify all the phishing emails correctly.
Marginal increase in Two-Factor Authentication (2FA) adoption rate for online accounts
Overall, the proportion of respondents who activated 2FA for some or all of their online accounts increased from 80% in 2018 to 83% in 2019.
More respondents knew how to use security apps but less than half installed them
The proportion of respondents who used their mobile devices for online transactions has continued to increase to 80% in 2019, up from 73% in 2018.
However, the proportion of respondents who installed security applications in their mobile devices saw only a slight increase from 45% in 2018 to 47% in 2019 This is despite the fact that majority of the respondents (85%) acknowledged the risks of not installing security applications.
Respondents believe that cyber incidents would not happen to them
The survey also studied the prevalence of cyber incidents and respondents’ attitudes and behaviours towards them. About a quarter of the respondents said that they had been a victim of at least one cyber incident in the past 12 months.
When asked about the actions they took, 68% of respondents said that they changed their passwords, 46% reported the incident to the relevant organisation, 30% installed an anti-virus software, while eight percent of the respondents did not take any action.
However, most continued to believe that such incidents would not happen to them. For instance, while 78% of the respondents were concerned about falling victim to an online scam or fraud, only 27% felt that there was a likelihood that this would happen to them
Cybersecurity is everyone’s responsibility
Similar to previous years’ findings, the majority of respondents (78%) agreed that all Singaporeans have a role to play in cybersecurity,
Mr David Koh, Commissioner of Cybersecurity and Chief Executive, CSA, said “With our increasing reliance on technology, especially amid the COVID-19 pandemic, opportunistic cyber criminals now have a bigger hunting ground. It is important for us to shake off the ‘it will not happen to me’ mindset, stay vigilant, and take steps to protect ourselves online so that we do not become the next victim.”
The insights gathered from the survey highlight CSA’s efforts to raise cybersecurity awareness and promote the adoption of cybersecurity measures.
CSA will also launch a Safer Cyberspace Masterplan later this year, which lays out a blueprint to better protect Singaporeans and businesses in the digital domain.