Phishing attacks cause 90% of cybersecurity breaches, which means the success of your cybersecurity efforts largely depends on properly training users to recognize and avoid threats.
Experts recommend customizing your training as much as possible and understanding your users' perspectives on cybersecurity. In a recent article for Forbes, Larry Alton discusses how millennials think about cybersecurity and what makes them different from previous generations.
In general, millennials tend to know more about potential cybersecurity risks—but also worry less about them—than previous generations. For example, though 70% of millennials believe online privacy will be further threatened in the next few years, 67% of them say they trust their bank to protect their personal information (compared with just 56% of previous generations).
This is largely because millennials grew up with the internet and social media, which means they're more accustomed to giving their data to external organizations, Alton argues. In short, they have lower expectations for personal privacy online. Millennials have also witnessed several large-scale security breaches in recent years and have seen that they don't present a catastrophic threat.
What campus IT can learn from Uber, Lyft, and Google Maps
Alton identifies three ways millennials' perspective changes their cybersecurity habits in the workplace:
1: Greater adoption of services. Millennial workers are more likely than other generations to adopt services that store sensitive data, such as electronic signatures and cloud storage, Alton reports. Millennials trust service providers to keep their information safe, and service providers are providing better training about what users can do on their side to reduce their risk, he writes.
2: Caution about specific threats. Baby boomers tend to take broad, sweeping actions to protect their data. For example, 86% of baby boomers avoid downloading free applications on their work devices. Unlike them, millennials focus on identifying and avoiding specific threats, such as one vulnerable program.
3: Grassroots prevention. Previous generations tend to take a top-down approach to cybersecurity, focusing on company-wide security efforts, Alton writes. Unlike them, millennials tend to focus on individual responsibility and personal habits that keep information safe, such as changing passwords regularly (Alton, Forbes, 12/1).
Roadmap for the CIO's first 100 days
Next in Today's Briefing
How to engage young donors—before they graduate