Press Release


 ISACA survey: Most UK consumers aware of major data breaches, but a third haven’t changed shopping behaviour 

Results also reveal struggles with privacy and security as use of connected devices and wearables grows

Rolling Meadows, IL, USA (12 November 2014)—In a world where the growing use of connected devices such as smart watches and connected cars is occurring at the same time that massive data breaches are making headlines, a new global study by ISACA shows that consumers have conflicted attitudes about the benefits of connected devices.

The 2014 ISACA IT Risk/Reward Barometer shows that the vast majority of UK consumers (90%) have read or heard about major retailer data breaches in the past year, and two-thirds (63%) say retailer data breaches have increased concerns about their personal data privacy over the past year. The majority (59%) characterise the way they manage data privacy on connected devices they own as ‘take-charge’ rather than ‘reactive’ (30%) or ‘passive’ (11%). Yet despite knowing about retailer data breaches, just over half have changed an online password or PIN code (55%), while less than a fifth made fewer online purchases using mobile devices (13%), or shopped less frequently at one or more of the retailers that experienced a data breach (14%).

“This year’s research indicates that while UK consumers are knowledgeable about data breaches and increasingly concerned about their personal data privacy and security on connected devices, there is a significant gap between knowledge and action,” said Steven Babb, international vice president of ISACA and a technology risk, compliance and assurance leader at Vodafone (UK). “Companies must address this gap by proactively educating both customers and employees about how they can help reduce the risk or minimize the impact of data breaches or hacks.”

In the area of online shopping, global IT association ISACA recommends that consumers protect their personal information by creating a strong password unique to each account, protect their devices with current security software, and verify that online transactions are secure by looking for a padlock icon displayed in the browser.

ISACA’s IT Risk/Reward Barometer examines attitudes and behaviours related to the risks and rewards of key technology trends, including the Internet of Things, Big Data and BYOD (Bring Your Own Device). The 2014 Barometer consists of two components: a survey of 1,646 ISACA members who are IT and business professionals around the world, including more than 600 across EMEA, and a survey of more than 4,000 consumers in four countries, including 1,001 in the UK.

The potential impact of this gap between knowledge and action is amplified by the rapid spread of wearables and other connected devices in everyday life. Two-fifths of UK consumers now own or regularly use smart TVs (40%), over a quarter now own or regularly use connected cars (27%), and more than half of people’s wish lists for the coming year include connected devices (61%).

Among the top consumer concerns about the Internet of Things—which is defined as devices that connect with each other or to the Internet—are someone hacking into the device and doing something malicious (31%), not knowing how the information collected by the devices will be used (22%), and companies or organisations selling personal information (19%).

Wearables at work

Despite these privacy and security concerns, wearables are making their way into the workplace:

  • 62% of employed Brits would consider using one or more connected wearable devices in their current workplace, according to the consumer survey
  • In fact, one in 10 employed Brits (11%) would consider wearing smart glasses, such as Google Glass, in their current workplace
  • More than a quarter (28%) would consider wearing a smart watch in the workplace

For a full survey report, including related infographics, video and global results, visit


About the 2014 IT Risk/Reward Barometer

The annual IT Risk/Reward Barometer is a global indicator of trust in information. Conducted by ISACA, a global association of more than 115,000 IT security, assurance, risk and governance professionals, the Barometer polls thousands of business and IT professionals and consumers worldwide to uncover attitudes and behaviors about essential technologies and information, and the trade-offs people make to balance risk and reward. The study is based on September 2014 online polling of 1,646 ISACA members from 110 countries. Additional online surveys were fielded by M/A/R/C Research among 1,209 consumers in the US, 1,001 consumers in the UK, 1,007 consumers in India and 1,007 consumers in Australia. The US survey ran 8-11 September 2014, and the UK, India and Australia surveys ran 8-17 September 2014. At a 95 percent confidence level, the margin of error for each individual country sample is: US:  +/- 2.8 percent and UK/India/Australia: +/- 3.1%. To see the full results, visit



With more than 115,000 constituents in 180 countries, ISACA ( helps business and IT leaders build trust in, and value from, information and information systems. Established in 1969, ISACA is the trusted source of knowledge, standards, networking, and career development for information systems audit, assurance, security, risk, privacy and governance professionals. ISACA offers the Cybersecurity Nexus, a comprehensive set of resources for cybersecurity professionals, and COBIT, a business framework that helps enterprises govern and manage their information and technology. ISACA also advances and validates business-critical skills and knowledge through the globally respected Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT) and Certified in Risk and Information Systems Control (CRISC) credentials. The association has more than 200 chapters worldwide.

Participate in the ISACA Knowledge Center:

Follow ISACA on Twitter:

Join ISACA on LinkedIn: ISACA (Official),

Like ISACA on Facebook:



Joanne Duffer, +1.847.660.5564,

Meera Lakhani, +44.207.611.3623,