With Data Security the Top Malaysian Security Concern, One in Three Malaysians Have Stopped Working With an Organisation After a Data Breach - New Unisys Security Index™
- At large events, Malaysians are more concerned about data theft on public wi-fi than physical attacks
- Malaysians are selective about which organisations may collect or share their data
Kuala Lumpur, Malaysia, 12 June 2019 – In a warning to Malaysian businesses and government agencies, new research from Unisys Corporation (NYSE: UIS) finds that many Malaysian consumers will take action after a data breach, including closing accounts, taking legal action and damaging an organisation's reputation via exposing the issue on social and traditional media platforms - according to the 2019 Unisys Security Index™.
The longest-running recurring snapshot of consumer security concerns conducted globally, the Unisys Security Index measures concerns of consumers on issues related to national, personal, financial and internet security. The study polled 1,019 adults in Malaysia 27 February - 22 March 2019. The 13 countries surveyed are Australia, Belgium, Brazil, Chile, Colombia, Germany, Malaysia, Mexico, Netherlands, New Zealand, Philippines, the U.K. and the U.S.
The 2019 Unisys Security Index of the Malaysian public is 211 out of 300, where 300 represents the highest level of concern. This is down from 215 in 2018 – making Malaysia one of only four countries to record a decrease in concern in the last year. Malaysia recorded the fifth-highest overall level of security concern of the 13 countries surveyed.
Data Security Top Concern for Malaysians
The top three concerns for Malaysians continue to relate to data security, with 88% of Malaysians concerned about bankcard fraud, 87% concerned about unauthorised access to their personal information and 78% concerned about internet hacking or viruses. The largest change in the last year was a decrease in concern about personal security from 70% to 62%.
Almost half (46%) of Malaysians said they had suffered a data breach in the last year, with the most common being social engineering scams that tricked them into providing information, with 19% of respondents reporting they had been a victim of this type of attack. In addition, 15% reported they had their social media profiles hacked, and 14% had their email hacked.
Dato' Ts. Dr. Haji Amirudin Abdul Wahab, CEO of CyberSecurity Malaysia, the national cyber security specialist and technical agency, said: "As Malaysians become increasingly aware of data threats, attackers have had to apply more sophisticated approaches, often using social engineering techniques to gain their victims' confidence and trick them into voluntarily sharing their information or making a fraudulent transaction. This is being applied to individuals to gain financial and identity information and to organisations to gain access to confidential data or systems. As Malaysia becomes an increasingly connected nation, it is essential we build a culture of security through awareness programs and best practices among children, teenagers, parents and organisations, as well as the Malaysia CyberSecurity Resilience Program (MyCSRP) to improve national cybersecurity. But cybersecurity is a global issue, and a coordinated international approach is required as reflected in all 10 ASEAN members agreeing last year to adopt in principle the United Nations' norms for tacking cybersecurity1."
Malaysians Take Action after Data Breaches
Ashwin Pal, director of security services for Asia Pacific, Unisys, explains that the research shows organisations are at risk not just of losing data, but also of losing business. "Consumers hold the business or government agency responsible for not protecting their data, and many Malaysians are taking action. Among Malaysians who report they have suffered a data breach in the last year, one in three say they have closed their account, one in four have exposed the issue on social media and one in seven stopped dealing with them online. This results in customer loss, reputation damage, legal disputes and inhibits take-up of online or digital services," he says.
Action taken by Malaysians who report they suffered a data breach in the last year:
32% | Stopped dealing with the organisation such as closing my account |
30% | Took legal action |
25% | Publically exposed the issue on social media, e.g. Facebook |
18% | Publically exposed the issue by taking it to the media |
14% | Continued dealing with the organisation but not online |
At Large Events, Malaysians More Concerned About Cyber Threats than Physical Attacks
In a clear example of Malaysians' heightened awareness of cybersecurity threats, when asked about security concerns at large-scale events such as a sports match or music festival, more Malaysians are concerned about theft of credit card data (82%) or personal data (79%) from a mobile device when using public wi-fi at the event, than a criminal attacking and harming event attendees (75%). Only 51% of Malaysians are concerned about police capturing and saving surveillance video of attendees at the event.
Support for Data Collection and Sharing Depends on Trust, Privacy and Security
Malaysians are discerning about which situations they deem acceptable for an organisation to collect data from social media, online purchases, smartphones and wearable devices. Half of respondents (50%) support the government collecting this information to identify who is in the vicinity of a disaster, yet only 26% support the government monitoring an individual's travel patterns to plan road and public infrastructure. Almost half support airport and airlines collecting the information to efficiently guide a passenger's journey through an airport (47%), but only 16% support an employer doing the same to monitor an employee's location during the work day.
Similarly, public support varies for organisations sharing an individual's personal information with other organisations. The highest support is for police sharing information with other law enforcement agencies internationally (75%) or within Malaysia (74%) to solve a crime. There is also strong support (67%) for a government-administered proof-of-identity used to confirm a citizen's identity to access commercial services such as a bank account. However, only 25% support banks sharing a customer's financial data with another financial service provider to offer a single point of contact for multiple services. The most common reason given for not supporting this is concern that the other organisations involved will not protect personal data.
"Malaysians are selective about how and when they support their personal information being collected or shared. This appears to be driven by a combination of trust in the organisation involved, the purpose given for how the data will be used and the benefit to the individual. To gain public support, organisations must show they meet all three criteria," says Mr Pal.
Download the detailed report and infographic at www.unisyssecurityindex.com.my
About the Unisys Security Index
Unisys has conducted the Unisys Security Index – the longest-running recurring snapshot of consumer security concerns conducted globally – since 2007 in order to provide an ongoing, statistically-robust measure of concern about security. The index is a calculated score out of 300 covering changing consumer attitudes over time across eight areas of security in four categories: national security and disaster/epidemic, in the National Security category; bankcard fraud and financial obligations, in the Financial Security category; viruses/hacking and online transactions, in the Internet Security category; and identity theft and personal safety, in the Personal Security category. The Unisys Security Index is based on national surveys of 1000 adults aged 18-64 years of age in each of the following countries: Australia, Belgium, Brazil, Chile, Colombia, Germany, Malaysia, Mexico, Netherlands, New Zealand, Philippines, the U.K. and the U.S.
In New Zealand, the first 2019 Unisys Security Index survey was conducted between 27 February – 5 March 2019. A follow up survey was conducted between 22-28 March 2019, after the 15 March attack in Christchurch, to assess the impact on security concerns. The New Zealand respondent sample was weighted with respect to national demographic characteristics such as gender, age and region. The margin of error +/-3.1% per wave at 95% confidence level and 0.9% for the global results.
About Unisys
Unisys is a global information technology company that builds high-performance, security-centric solutions for the most demanding businesses and governments on Earth. Unisys offerings include security software and services; digital transformation and workplace services; industry applications and services; and innovative software operating environments for high-intensity enterprise computing. For more information on how Unisys builds better outcomes securely for its clients across the Government, Financial Services and Commercial markets, visit www.unisys.com.my. Follow Unisys on Twitter and LinkedIn.
Contacts:
Claire Hosegood, Unisys APAC,+61 411 253 663
claire.hosegood@au.unisys.com
Unisys and other Unisys products and services mentioned herein, as well as their respective logos, are trademarks or registered trademarks of Unisys Corporation. Any other brand or product referenced herein is acknowledged to be a trademark or registered trademark of its respective holder.