Search Authors: Liz McMillan, Shelly Palmer, Lacey Thoms, Jayaram Krishnaswamy, Alex Forbes

Blog Feed Post

Measuring the American Reaction to Heartbleed


Since the bug became public knowledge in early April, the Heartbleed vulnerability has captured media headlines across the U.S. The hole existed in OpenSSL, an open-source program used by hundreds of thousands of websites. The bug affected some of the world’s most popular sites, including Facebook, Google, YouTube, and Wikipedia. Even worse, the vulnerability existed for more than two years before its detection. On April 30th, Pew Research published a report – Heartbleed’s Impact – measuring the American response to the vulnerability, and some of its results are pretty surprising.

Despite the severity and wide range of the vulnerability, surprisingly few Americans took action in response to the bug. Just 39% of Internet users took measures to increase the security of their online accounts. Only 29% think Heartbleed put their information at risk, and 6% actually think their information was stolen through the vulnerability. In light of the fact that the overwhelming majority of Internet users visit Google, Facebook, YouTube, or Wikipedia in some form or other, it is shocking that less than half took tangible steps to address this threat to their personal information.

The most intriguing statistic from this report is the lack of consensus among Americans about the security of their online accounts: 26% of Internet users think their online accounts are “not at all secure” or “not too secure”, but nearly a quarter (23%) think their online accounts are “very secure”, and almost half (46%) think their online accounts are “somewhat secure.” It is hard to feel comfortable making any definitive statements from that muddled response.

Clearer conclusions can be drawn regarded who felt the most at risk from the Heartbleed vulnerability. 38% of Americans with at least a college degree felt Heartbleed compromised their personal information – compare that to 26% for Americans with “some college” education and 23% for Americans with a high school diploma or less. More education suggests a greater degree of awareness and a stronger sense of insecurity, which is consistent with previous Pew reports studying American Internet users.

Read the report. If the media’s coverage of Heartbleed was not enough of a wake-up call for you, maybe Americans’ negligible response will be.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley, former CTO of the Defense Intelligence Agency (DIA), is Founder and CTO of Crucial Point LLC, a technology research and advisory firm providing fact based technology reviews in support of venture capital, private equity and emerging technology firms. He has extensive industry experience in intelligence and security and was awarded an intelligence community meritorious achievement award by AFCEA in 2008, and has also been recognized as an Infoworld Top 25 CTO and as one of the most fascinating communicators in Government IT by GovFresh.