Survey: Gen Z, Millennials more careless about cybersecurity than older colleagues
Generation Z and millennial workers are less likely to comply with their employer's cybersecurity policies compared to their senior Gen X and baby boomer colleagues, a new survey has found.
According to Ernst & Young LLP's 2022 Human Risk in Cybersecurity survey, while 83 per cent of workers in the US said that they understood their company's cybersecurity policies, 48 per cent of Gen Z and 39 per cent of millennial employees admitted that they were more cautious with their own devices compared to their work-issued devices.
"This research should be a wake-up call for security leaders, CEOs and boards because the vast majority of cyber incidents trace back to a single individual," Tapan Shah, EY Americas' consulting cybersecurity leader, said in a statement.
"There is an immediate need for organisations to restructure their security strategy with human behaviour at the core. Human risk must be at the top of the security agenda, with a focus on understanding employee behaviour and then building proactive cybersecurity systems and a culture that educates, engages, and rewards everyone in the enterprise."
The survey, which polled 1,000 US-based workers who are required to use a work-issued laptop or computer for the majority of their working time, also found that Generation Z and millennial respondents disregard mandatory IT updates for as long as possible, reuse passwords for personal and professional accounts and accept browser cookies in far greater numbers than Gen X or baby boomer workers.
This isn’t the first time that younger workers have been found to be less cautious about cybersecurity in the workplace, after a 2019 report by NTT claimed that workers under the age of 30 were "laid back about cybersecurity responsibilities" due to their age and familiarity with the digital world.
Tapan Shah, Consulting Cybersecurity Leader, Ernst & Young America said: "There is an immediate need for organisations to restructure their security strategy with human behaviour at the core."