New research has found that when it comes to cybersecurity in the workplace, younger workers don’t care that much, putting their organizations at risk of serious harm.
Surveying around 1,000 employees using their employers’ equipment, EY professional services firm found that Gen Z employees were more apathetic about cybersecurity than their Boomer colleagues when it came to complying with employer’s security policies.
This is despite the fact that four out of five (83%) of all respondents said they understood their employer’s safety protocol.
Recycling of passwords
For example, when it comes to deploying mandatory IT updates, 58% of Gen Z and 42% of Millennials would disregard it for as long as possible. Less than a third (31%) of Gen X and only 15% of the baby boomers say they do the same.
Apathy in young people extends to the password (opens in a new tab) reuse between private and corporate accounts. A third of Gen Z and millennial workers surveyed shared this fact, compared to less than a quarter of all Gen X and baby boomers.
Nearly half of Generation Z and the Millennials “possibly all the time or frequently accept web browser cookies on their work devices” compared with 31% of Generation X workers and 18% of Baby Boomers.
“There is an immediate need for organizations to restructure their security strategy to focus on human behavior,” said Tapan Shah, cybersecurity advisory leader at EY America.
Some argue that young people’s apathy towards technology is due to their excessive knowledge of technology and never without it.
Over-familiarization with technology undoubtedly makes younger employees of the enterprise a prime target for cybercriminals looking to exploit any vulnerability.
If an organization’s cybersecurity practices are not strictly followed, cybercriminals can threaten huge networks with simple social engineering attacks.
As demonstrated recent attacks on Uber and Rockstar Games (opens in a new tab)a good social engineer does not need the technical skills to expose confidential company and customer information, causing hundreds of thousands of dollars in mitigation damage and fines.