The majority of U.S. consumers (94 percent) have heard or read bout major retailer data breaches in the past year, and three-quarters say retailer data breaches have increased their level of concern about personal data privacy, and 61 percent characterize their data management as “Take-Charge” instead of Reactive (26 percent) or Passive (11 percent), but despite these reservations, consumers are changing very little about their key shopping habits.

According to the 2014 ISACA IT Risk/Reward Barometer study, only 45 percent of consumers have changed an online password or PIN code; 15 percent made fewer online purchases on mobile devices; and 28 percent shopped less frequently at a retailer that had suffered a data breach.

For online shopping, global IT association ISACA recommends that consumers protect personal information by creating a strong password unique to each account, keep security software updated, and verify that online transactions are secure. Businesses can also aid in this awareness by educating customers and employees on reducing risks of data breaches.

The universality of connected devices makes securing all aspects of a consumer’s identity a challenging endeavor. More than 30 percent of consumers own or regularly use smart TVs, 27 percent use connected cars. More than 50 percent of consumers want connected devices for the coming year, including a large faction of Americans (68 percent) who would consider using connected wearable devices in the workplace, despite potential data and privacy concerns.

An issue facing IT organizations on this front includes creating BYOD policies for wearable devices, such as smart glasses or watches. More than 60 percent of ISACA survey respondents say their department’s BYOD policy does not address wearable technology.