Which Employees Pose the Biggest Cyber Security Risk? You Might Be Surprised

A new study found that workers under 30 have a larger cyber security awareness gap than their older counterparts.
By: | December 10, 2019

There are few images more cliche than that of a millennial helping their baby boomer parents and grandparents navigate technology. Countless ads, movies and TV shows have included scenes of young people helping older people figure out how to use their computers and cellphones.

It may seem intuitive that younger workers would be more careful when it comes to cyber security. After all, they have grown up in the era of data breaches and ransomware attacks.

However, greater familiarity with technology doesn’t necessarily translate into being more careful with it, however. 

A new study from NTT, a global technology services and telecom firm based in Japan, found that younger workers actually have a larger cyber security awareness gap than their older counterparts. The study reports workers under 30 have “profoundly different attitudes towards cyber security.”

“It would be easy to assume that — due to their inherent digital DNA — under 30s always demonstrate good cyber security practice,” read the report. “However, this is not always the case.”

At a Glance

  • The report found that younger workers emphasize productivity and flexibility when it comes to cyber security practices. According to the report, these preferences mean that younger workers are more likely to bypass cyber security practices if they view them as impeding their productivity.  
  • On average, the 30 to 60 year-old age group exhibited more cyber security best practices than the under 30s.
  • Younger workers are also 39% more likely to pay a ransom to a cyber criminal. 
  • Workers under 30 believe their organizations’ recovery from a security incident would be six days quicker than those in older age groups

Some Specifics

Younger employees may have a larger cyber security awareness gap than their older counterparts, but it doesn’t have to stay that way. 

The report attributes older employees greater awareness of cyber risks to their increased knowledge of the working world.

“On average, the 30–60 year-old age group exhibits more cyber security good practice than the under 30s. This is due to a greater acquisition of workplace knowledge and skills over time,” the report said.  

In order to address this gap, the U.S. could implement a cyber security awareness education program for younger workers. France, the most cyber-savvy nation, according to the report, implemented a similar program as part of their national cyber security strategy

Experts also suggested employers make sure cyber security practices don’t interfere with young people’s productivity.

“If we want to harness the fantastic creativity and energy of younger workers, we need to think about security as something that enables their work, not something that blocks them from achieving their tasks,” said Adam Joinson, a professor of information systems at the University of Bath, in the report. 

Recommended Reading

Hacking is easier and cheaper than ever and businesses should stay on their toes if they want to avoid loss of data, business interruption or ransom costs. One of the first places they should look to see if their data is compromised is the dark web where cyber criminals now make an estimated $1.5 trillion annually selling data.

Big businesses aren’t the only ones who need to keep an eye on their cyber security either. Incidents of extortion and ransomware are up 200% for small businesses where human elements can make companies particularly vulnerable.  

Cyber crime isn’t expected to lessen over the next few years. By 2025, the number of interconnected devices in use is projected to exceed 75 billion, opening up virtually endless opportunities for criminals to attack. Here’s how you can focus on critical exposures&

Courtney DuChene is a freelance journalist based in Philadelphia. She can be reached at [email protected].

More from Risk & Insurance