Equifax and Heartbleed are most-Googled cyber security terms

The Equifax data breach of 2017, which saw 140 million customer records compromised, and the Heartbleed OpenSSL cryptographic library vulnerability of 2014, which enabled hackers to easily steal personal information, are the most-Googled cyber security terms ever, and by implication the highest-profile security events of all time, according to new analysis of Google search trends dating back 15 years.

Conducted by managed threat detection, incident response and penetration testing specialist Redscan, the analysis also revealed insight into how the cyber security landscape has changed since 2004.

It found, for example, that traditional antivirus firms are much less searched-for now than a decade ago as security becomes a more holistic aspect of IT. It also revealed just how popular the sector’s biggest personalities are – John McAfee, for example, is as searched-for as David Bradley, who played Walder Frey in Game of Thrones, while cryptographer Bruce Schneier is as searched-for as Sandra Denton, or Pepa from 1980s hip-hop group Salt-N-Pepa.

“Cyber security has changed remarkably over the last 15 years and Google’s search data is a great measure of this,” said Redscan technical director Andy Kays.

“Our report shows how the industry has transformed, how threats are evolving and the challenges this is creating for businesses. In today’s security landscape, it is more important than ever for organisations to maintain robust security. This is underscored by the rising interest in online privacy and the fallout and damage caused by the Equifax data breach – the most-Googled cyber breach ever.”

The other highest-profile data breaches noted by Redscan include the hacks of hotel chain Marriott, affair website Ashley Madison and ISP TalkTalk, while the most searched-for threats and vulnerabilities included the WannaCry ransomware attack and the Meltdown chip exploit. Highly Googled privacy terms included NSA, Edward Snowden and Cambridge Analytica.

The analysis also showed how some of the underlying language around cyber security has evolved, including the term cyber security itself. Back in 2004, people were more inclined to search for network security or computer security, but this has declined rapidly since the mid-noughties to be replaced by cyber security, which also usually tends to be written as two words.

The evolution of security technology over the past 15 years was also noted by the analysis, offering insight into how IT buying trends have changed.

Redscan said wider evolution in IT clearly impacted security at a fundamental level, with terms relating to cloud, the internet of things (IoT) and bring-your-own-device (BYOD) all gaining prominence at the expense of terms relating to antivirus software. Household names of the early 2000s, such as McAfee, Kaspersky, Norton, Avast and AVG, have all slipped, while cloud, mobile device management (MDM) and security information and event management (SIEM) suppliers are all on the rise. Currently, the terms GDPR, cryptojacking, threat hunting, AI security and zero trust are all hot topics in search.

“As businesses embrace digital transformation, their security strategy must evolve accordingly,” said Kays. “Our data shows that interest in traditional preventative tools is declining in favour of next-generation technologies that offer enhanced threat detection and response capabilities.

“Despite the technological changes within security, improving employee cyber awareness remains as important as ever. Many people still don’t set strong enough passwords or make use of multi-factor authentication – worrying given the continued fall in global searches related to password security. To encourage best practice, businesses need to conduct regular staff training and ensure that it is regularly reviewed to reflect the latest threats, such as social engineering scams.”