91% of Americans Worried About Online Security Threats; Nearly Half Say They’re at Greater Risk Now Than Before the Pandemic, and Almost Two-Thirds Believe That Cybercriminals Could Target Their Household in the Next Year

BURLINGTON, Mass. — Juli 20, 2021 —

According to a new Sophos Home survey, “The State of Consumer Home Cybersecurity 2021,” consumers are increasingly concerned about their online security and imminent attacks. Forty-five percent of consumers say they’re more at risk of being hit by an attack now than they were before the pandemic, and 61% believe their household could be the target of an attack in the next year. Despite these concerns, the research findings show that security practices are falling short for many.

“Consumers are largely in the dark about cybersecurity,” said Chester Wisniewski, Sophos principal research scientist. “The findings show that many consumers are woefully uninformed about threats like ransomware, the likelihood and risk of these threats within their homes, and how to protect their families. The data also indicates that a number of consumers think they know more about cybersecurity than they actually do. All of this results in a false sense of security, and while it’s no excuse, it’s no doubt a reason why many consumers are failing to meet the security basics.”

The survey polled 2,500 consumers across all regions of the U.S. Key findings include:

  • 91% of consumers are worried about online security threats affecting their household – specifically viruses and malware (60%), identity theft (55%), financial fraud (48%), and ransomware (45%); for parents, the top concern is inappropriate content (39%)
  • 45% believe they’re more at risk of being hit by an attack now than they were 12 months ago, before the pandemic
  • 18% report that someone in their household suffered from a ransomware attack, nearly half of which occurred in the last year; 29% of which paid the ransom
  • 69% believe that working from home introduces new security risks
  • 61% believe that they or someone in their household could be the target of an online attack in the next 12 months

“Ransomware has become a household term and an understandable concern for everyday consumers – especially in the wake of the Colonial Pipeline and Kaseya attacks – but the fact of the matter is that ransomware attackers are looking to make a profit and they’re targeting businesses first and foremost,” said Wisniewski. “Consumers aren’t off limits, however. While the risks to consumers are lower than those for well-funded organizations, they’re still very real risks and consumers need to take the necessary steps to protect themselves and their families. They simply can’t afford to overlook basic security practices like backing up data, protecting passwords, and updating and patching devices and applications.”

Online Security Bad Habits

The new research findings shine light on several areas where consumer security practices are lacking, including:

  • 20% never backup data to the cloud
  • 24% don’t have or use a password manager
  • 36% don’t update or patch their operating system and applications when prompted, or check to do so at least weekly
  • Just 35% of parents have set up separate user accounts on devices that their children use, and only 44% have user passwords set up at all on these devices
  • Only half (50%) of parents have added parental controls on devices that their children use, and only 42% have set up safe browsing or a web content filter

The Silver Lining

The good news is that most households (83%) have a designated “IT boss” who manages security on all devices within their homes; only 10% don’t, according to the research. Additionally, nearly half of consumers say they’re also responsible for managing devices outside of their homes. This number is highest in the Northeast, where a majority (54%) own this responsibility for extended family and friends.

About the Survey

The State of Consumer Home Cybersecurity 2021” report highlights findings of an independent survey conducted by Vanson Bourne among 2,500 consumers based in the U.S. The survey was conducted in February 2021.

Über Sophos

Sophos ist ein weltweit führender und innovativer Anbieter fortschrittlicher Sicherheitslösungen zur Abwehr von Cyberangriffen. Das Unternehmen übernahm Secureworks im Februar 2025 und brachte damit zwei Pioniere zusammen, die die Cybersicherheitsbranche mit ihren innovativen, nativen und KI-optimierten Dienstleistungen, Technologien und Produkten neu definiert haben. Sophos ist der größte, reine Anbieter von Managed Detection and Response Services (MDR) und unterstützt mehr als 28.000 Organisationen. Zusätzlich zu MDR und anderen Dienstleistungen umfasst das komplette Portfolio von Sophos branchenführende Endpunkt-, Netzwerk-, E-Mail- und Cloud-Sicherheitslösungen, die über die Sophos-Central-Plattform zusammenarbeiten und sich für bestmöglichen Schutz kontinuierlich anpassen. Secureworks bietet das innovative, marktführende Taegis XDR/MDR, Identity Threat Detection and Response (ITDR), SIEM-Funktionen der nächsten Generation, Managed Risk und ein umfassendes Angebot an Beratungsdienstleistungen. Sophos vertreibt all diese Lösungen über Reseller-Partner, Managed Service Provider (MSPs) sowie Managed Security Service Provider (MSSPs) und schützt damit mehr als 600.000 Organisationen weltweit vor Phishing, Ransomware, Datendiebstahl sowie anderer alltäglicher und staatlich initiierter Cyberkriminalität. Die Lösungen stützen sich auf historische und Echtzeit-Bedrohungsdaten von Sophos X-Ops sowie der neu hinzugefügten Counter Threat Unit (CTU). Der Hauptsitz von Sophos befindet sich in Oxford, U.K. Weitere Informationen unter www.sophos.de.