Tech-savvy young workers might be the biggest cyber liability to your business

News
By Benedict Collins
published

Boomers play it safe when it comes to cybersecurity, research claims

Millennials in a circle looking at phones.
Image credit: Pexels (Image credit: Rawpixel / Pexels)

New research from Ivanti has claimed workforce demographics can have a serious effect on your business’ cybersecurity.

The company surveyed over 6,500 employees across the world, with just over half (55%) aged 40 and below, and around 52% were female, giving a fairly even representation between demographics.

The study found younger office workers are more likely to disregard standard password safety guidelines, such as using birth dates, where 34% of those 40 or under admitted to violating this golden rule compared to just 19% of those over 40.

Boomers vs Millennials - who is more of a risk?

Elsewhere, using the same password across multiple devices saw greater admittance across both demographics, but younger workers pulled ahead once again with 38% compared to 28% in the older group.

Phishing scams were found to be greatly underreported by those 40 and under, with 23% saying that they did not report the last phishing attempt they received, with the most likely reason for this being “I didn’t think it was important”. Of the older demographic, just 12% failed to report.

In terms of concern for security threats against businesses, ransomware ranked as the greatest threat, with 23% of employees predicting it to be a critical threat in 2023. Phishing came in a close second, with 22% ranking it as a critical threat in 2023.

But what are the attitudes surrounding cybersecurity training and how do they reflect on these stats?

Of those surveyed, a staggering amount of them revealed that the organizations they worked for did NOT provide any mandatory cybersecurity training, with the US at 30%, UK at 17%, Netherlands at 32%, Japan at 35%, India at 31%, Germany at 22%, France at 43%, Australia at 29% and China at a whopping 65%.

As mandatory training is most likely to be given to younger new starters, can they be faulted as a security risk when companies are not providing the training needed to protect both themselves and their business? Cybersecurity has only recently become the leading concern among C-suites and executives, with cybersecurity budgets seeing new heights and greater investment in cyber literacy and security training.

Daniel Spicer, CSO at Ivanti, said, “Security leaders need to enable all employees to play defense against threat actors and proactively build an open and welcoming security culture.”

More from TechRadar Pro

Benedict Collins
Benedict Collins
Staff Writer (Security)

Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Benedict is mainly focused on security issues such as phishing, malware, and cyber criminal activity, but also likes to draw on his knowledge of geopolitics and international relations to understand the motivations and consequences of state-sponsored cyber attacks. Benedict has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham.