A recent cyber security research project provided that Millennial and Gen Z office workers are more likely to have unsafe cybersecurity habits when compared to Gen X and older (those above 40 years of age).
This is true about performing password hygiene, clicking on phishing links and sharing devices with family and friends:
- 38% of office workers under 40 use the same passwords on multiple devices, compared to 28% of office workers older than 40.
- 34% of office workers under 40 shared work device(s) with family or friends, compared to 19% of office workers older than 40.
- 34% of office workers under 40 use a birthdate in their password, compared to 19% of office workers older than 40.
- 13% of office workers under 40 clicked on a phishing link when targeted, compared to 8% of office workers older than 40.
In addition, gender, seniority and region can impact the collective strength of the organization’s security as a whole. The report finds that men and leaders are more comfortable contacting a security employee with a question or concern with leaders at an organization the most likely to reach out with a question at 72%.
It also shows that there are regional variations in cybersecurity training and attitudes with 54% of employees in China and 43% in France reporting that their organizations do not provide mandatory cybersecurity training. That number drops to 17% for the United Kingdom, 30% in the United States and 22% in Germany respectively.
See: https://redskyalliance.org/xindustry/employees-cyber-security-awareness-training
Employees do not always understand that they are valuable members of the extended security team despite organizations’ best attempts to train and educate, according to the researchers. There is also a dangerous assumption that since younger office workers are generally more tech savvy, they are also more security conscious. Security leaders need to enable all employees to play defense against threat actors and proactively build an open and welcoming security culture.
Many organizations have a top-down approach to training and cybersecurity culture; however, the research shows it is critical to build a collaborative and positive security culture at every organization. Undertrained employees risk diluting the strength of the overall organization’s preparedness, which is why organizations need to design their tech stack to minimize end-user friction.
This article is presented at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization and has reported extensively on AI technology. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5993554863383553632
Comments