Microsoft Invents New Way To Measure Online Safety (And Finds That Consumers Stink At It)

Computer users are taking steps to mitigate online security threats, but still only score a paltry 34 out of 100 – a solid “F” – according to a new study by Microsoft. 

Computer users are taking steps to mitigate online security threats, but still only score a paltry 34 out of 100 – a solid “F” – according to a new study by Microsoft. 

The study, sponsored by Microsoft’s Trustworthy Computing Group (TwC), introduces a new metric, the Microsoft Computing Safety Index (MCSI) to measure online safety, but finds that consumers are having trouble getting past the basics when it comes to staying safe on the Internet.

The MCSI assigns a point value to a series of steps (more than 20 in all) that consumers can take to protect themselves online. Each point in turn is assigned to a tier of activity: Foundational (30 points), Technical (40 points) and Behavioral (30 points).

Actions like keeping strong passwords and choosing reputable Web sites fall under the Behavioral tier. Using a firewall, maintaining anti-virus software and running regular updates falls under the Foundational tier. The more steps you take, the higher your MCSI score, with 100 being the highest score possible.

Microsoft polled consumers in U.S., U.K., Germany, France and Brazil in what the company called a ‘benchmark survey.’ The average MCSI from that poll, 34, suggests users have the basics covered but have left lots of room to improve, Microsoft said.

Among the five countries, 55 percent of users use automatic computer updates and roughly 90 percent of those surveyed use anti-virus protection. Conversely, only 26 percent of users said they had confidence in their PC security software while only eleven percent agreed “good digital citizens” are winning the war against hackers.

The metric was developed in conjunction with the upcoming 10-year anniversary of the Trustworthy Computing Group next year and was released as October, National Cyber Security Awareness Month, winds down.

Suggested articles

biggest headlines 2020

The 5 Most-Wanted Threatpost Stories of 2020

A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers throughout the year.


  • Anonymous on

    The link is broken: maybe they took it down?


  • Anonymous on

    I missed the part where Microsoft cared about online users's safty. I've never read about a thid of what survery covered.


  • Anonymous on

    When the OS isn't safe blame the user.

  • JJ on

    "When the OS isn't safe blame the user."

    Since the article does not mention an OS, one wonders if you are ASSUMING what is not stated? The things people need to do to protect themselves apply regarless what OS is used, No OS is safe if safe computing practices are not followed.

  • Anonymous on

    I agree with JJ.  You could say that a building isn't safe to work in because someone jumped out a window using the logic that a user can't screw something up horribly.

      You don't see people riding motorcycles around inside buildings or off of rooftops on a regular basis.  Why?  Because it's reckless.  Unfortunately, the risks of using computers online aren't as clear to the average user, but the majority of computer users tend to do things about as risky as driving a motorcycle one-handed across a tightrope connecting two skyscrapers.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.