A new study by Iris Powered by Generali has laid bare the significant cybersecurity concerns held by the vast majority of Americans, with Artificial Intelligence (AI) emerging as a primary source of worry.
The Identity & Cybersecurity Concerns Survey polled over a thousand adults in the United States on their digital security habits and experiences with fraud.
The findings showed that 87% of consumers feel secure using their internet-connected devices, but a similarly high proportion express considerable anxiety about specific cyber threats.
The findings are based on an Online CARAVAN survey conducted by Big Village among 1,010 adults aged 18 and over between March 12th and 14th, 2025. The sample was weighted by age, gender, geographic region, race, and education, using US Census Bureau data to ensure representativeness.
Eighty-five percent are concerned about their personal devices being hacked, and 88% worry about their passwords being compromised. Despite these acknowledged risks, the survey indicates a significant shortfall in preventative measures, with over 90% of respondents employing only a handful of recommended identity protection practices. This disconnect suggests a potential overconfidence masking an underlying awareness of vulnerability.
When directly questioned about emerging threats, AI loomed large in the minds of American consumers. A substantial 91% cited AI as a concern regarding their personal information. This apprehension was particularly pronounced among women, with 41% of female respondents expressing extreme concern compared to 32% of their male counterparts.
The survey also delved into life events perceived as increasing vulnerability to identity theft. Moving to a new location was identified by the largest segment (33%) as posing the greatest risk, followed by starting a new business (31%) and buying or selling a home (30%).
Older generations, Baby Boomers and Generation X, were significantly more likely to view buying a home as a threat compared to Millennials and Generation Z, a finding aligning with recent financial studies suggesting lower homeownership expectations among younger Americans.
Additionally, the study explored who consumers would turn to in the event of a data breach notification. A majority (46%) indicated they would first contact their bank or credit card company for support, significantly more than the 19% who would reach out to a dedicated cybersecurity or identity protection provider.
For those who had unfortunately fallen victim to fraud or identity theft within the preceding two years, the survey painted a stark picture of the aftermath. A staggering 93% of these victims reported that the resolution process caused them stress, with over half (52%) describing it as either the most stress they had ever experienced or significant stress. Notably, only a small fraction (5%) reported receiving effective resolution assistance from an identity protection provider. Despite this, a significant 66% of consumers expressed interest in purchasing cybersecurity protection offerings if provided by their bank or credit card company.
Paige Schaffer, CEO of Iris, said, “While many respondents feel secure using their devices, most only feel ‘somewhat secure,’ revealing an underlying uncertainty. At the same time, most aren’t doing all they can to protect themselves from these threats, reinforcing the urgent need for comprehensive identity theft protection services. This gap between perception and preparedness leaves consumers increasingly vulnerable in a rapidly evolving threat landscape – particularly with AI enabling cybercriminals to launch more sophisticated, convincing, and large-scale attacks. At the end of the day, consumers really shouldn’t be navigating these risks alone.”
“These findings only confirm what we’re doing at Iris. Our identity and cyber protection suite has been designed with this idea in mind, allowing our partners to seamlessly integrate proactive security into the systems their customers already use,” said Erik Nienaber, Chief Technology and Product Officer at Iris.
“By embedding protection where consumers already are – whether through banks, credit card companies, or other trusted providers – we’re making it easier than ever for them to stay ahead of evolving cyber threats without having to navigate complex security solutions on their own.”
