Cyber Protocols — Who Pays Attention to Them & Who Doesn’t
Is your company regularlyhaving security issues? A recent study says the blame may lie with employees that are millennials and/or Generation Z. Millennials are those born between 1981 and 1996.
The birth years for Generation Zers is 1997 to 2012.
EY Consulting is the company whose study blames those two generations for not following cybersecurity protocols like their Generation X (1965 to 1980) and Baby Boomer (1946 to 1964) coworkers.
The firm’s survey says in spite of the need for security measures, younger workers are more likely to disregard those critical, mandatory IT updates.
- *Gen Z — 58% waited as long as possible or disregarded completely
- *Millennials — 42% waited as long as possible or disregarded completely
- *Generation X — 31% waited as long as possible or disregarded completely
- *Baby Boomers — 15% waited as long as possible or disregarded completely
Tapan Shah is EY Americas consulting cybersecurity leader. He said these numbers come even though 76% of workers in the four generations claim to be very knowledgeable about cybersecurity.
“This research should be a wake-up call for security leaders, CEOs, and boards, because the vast majority of cyber incidents trace back to a single individual,” Shah said. “There is an immediate need for organizations to restructure their security strategy with human behavior at the core. Human risk must be at the top of the security agenda, with a focus on understanding employee behaviors and then building proactive cybersecurity systems and a culture that educates, engages, and rewards everyone in the enterprise.”
Shah said the numbers for the younger generations are not surprising. They grew up with technology and assume they’re smart enough to outsmart cyber thieves, and because of that, they don’t think they have to worry.
“Millennials and especially Gen Z grew up as digital natives integrating technology into their daily lives and expect their employers to already have seamlessly integrated cybersecurity protections,” Shah noted. “They also grew up where cyber breaches regularly occur. In a way, they are desensitized to the risks and despite the precautions they take, they believe cyber incidents are inevitable.”
The EY survey found younger generations more likely to accept browser cookies on work-issued devices. Here are those numbers:
- *Generation Z — 48% will accept browser cookies on work-issued devises all the time or very often
- *Millennials — 43% will accept browser cookies on work-issued devises all the time or very often
- *Generation X — 31% will accept browser cookies on work-issued devises all the time or very often
- *Baby Boomers — 18% will accept browser cookies on work-issued devises all the time or very often
More from the survey across all four generations:
- *84% percent say they’re prepared and can avoid cyber mistakes at work
- *Just 35% say they’re very prepared to avoid those mistakes
- *50% are very confident they use strong passwords
- *43% are very confident they can keep work devices secure with up-to-date cyber protection
- *41% are very confident they know a phishing attempt when they see one
- *38% are very confident they can avoid getting entangled in ransomeware
- *32% are very confident they know how to encrypt their data
EY says the real solution to cyber security is education. Continual training on safe practices is key. Yearly training is recommended. Those receiving that kind of training will do cyber-safe practices than those who receive no education at all.
“Companies are investing to embed cybersecurity in every business unit as they digitally transform, but software, controls, processes and protocols are only part of the equation for minimizing cyber risk,” Shah said. “Increasing enterprise-wide security also requires a holistic focus on the human, engaging every employee and embedding safety checks and protocols that make the risks tangible in their professional and personal lives.”
Source link: CSO —https://bit.ly/3DOV5eh