Light Dark
August 18, 2017 By David Strom 2 min read
Risk Management

End users in the U.S. and U.K. have very different attitudes toward security. Earlier this summer, Wombat Security surveyed more than 2,000 working adults — half in the U.S. and half in the U.K. — about various cybersecurity topics and perceptions of best practices. The researchers found some interesting surprises and noted a series of different attitudes and actual security practices between citizens of the two countries.

Identifying Security Awareness Gaps

The biggest difference is that half of the Americans surveyed have been cybertheft victims, compared to 19 percent of British respondents. Statistics regarding social media breaches were similarly skewed.

Alarmingly, the report also revealed some interesting misconceptions about security basics. Roughly one-third of the Americans thought that malware was something that boosted Wi-Fi signals, for example, while only a small percentage of the British respondents thought this was true. Clearly, there is room for education here on both sides of the pond.

Another big difference: Americans have more trust in their digital lives than U.K. users, which is not necessarily a good thing. More than half of the U.S. respondents thought they could trust Wi-Fi networks in locations such as a hotels and coffee shops, but less than a third of the British respondents felt this way. Almost the same percentage of U.S. users (58 percent) thought they could trust their antivirus software to stop a potential cyberattack, while only 37 percent of U.K. users thought that was true.

Differences in Security Practices

When it comes to using appropriate password hygiene, 38 percent of Americans use password managers, compared to 10 percent of British users. Still, both groups have a big block of users who maintain just a few of the same passwords when they go online. Additionally, 8 percent of U.S. users and 14 percent of U.K. users lack a lock screen password on their mobile devices.

Virtual private network (VPN) use is more widespread in the U.S. than in the U.K. (65 percent versus 44 percent, respectively). In fact, 33 percent of British respondents reported that they didn’t know what a VPN was, compared to just 19 percent of Americans. And although 21 percent of users in the U.S. reported that they rarely or never use a VPN, that number was almost twice as high for British respondents (38 percent).

A Long Way to Go

The report made no attempt to explain why these fundamentals of network and data security diverge between the two populations. Still, both American and British users clearly have a long way to go before we can see better security practices in the general population.

 |  |  |  |  |  | 
David Strom
Security Evangelist

More from Risk Management
January 28, 2025

4 trends in software supply chain security

4 min read - Some of the biggest and most infamous cyberattacks of the past decade were caused by a security breakdown in the software supply chain. SolarWinds was probably the most well-known, but it was not alone. Incidents against companies like Equifax and tools like MOVEit also wreaked havoc for organizations and customers whose sensitive information was compromised.Expect to see more software supply chain attacks moving forward. According to ReversingLabs' The State of Software Supply Chain Security 2024 study, attacks against the software…

January 24, 2025

How cyberattacks on grocery stores could threaten food security

4 min read - Grocery store shoppers at many chains recently ran into an unwelcome surprise: empty shelves and delayed prescriptions. In early November, Ahold Delhaize USA was the victim of a cyberattack that significantly disrupted operations at more than 2,000 stores, including Hannaford, Food Lion and Stop and Shop. Specific details of the nature of the attack have not yet been publicly released.Because the attack affected many digital systems, some stores were not able to accept credit/debit cards, while others had to shut…

January 23, 2025

Taking the fight to the enemy: Cyber persistence strategy gains momentum

4 min read - The nature of cyber warfare has evolved rapidly over the last decade, forcing the world’s governments and industries to reimagine their cybersecurity strategies. While deterrence and reactive defenses once dominated the conversation, the emergence of cyber persistence — actively hunting down threats before they materialize — has become the new frontier. This shift, spearheaded by the United States and rapidly adopted by its allies, highlights the realization that defense alone is no longer enough to secure cyberspace.The momentum behind this…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature