Generation Y “digital native” employees are most likely to practice sloppy cyber security

New research from T-Systems into cyber security behaviour and awareness has found that Generation Y employees are much more likely to both over-estimate their knowledge while undertaking unsafe practices.

For instance, its research found people in their twenties and early thirties are much more likely to consider themselves ‘very knowledgeable’ about cyber security than their older colleagues (about 50% rate themselves as “very knowledgeable” compared to an average for all employees of 36%).
But it turned out to be false confidence. On detailed questioning T-Systems found that Generation Y employees were often less knowledgeable than their colleagues and more likely to undertake unsafe cyber security practices at work and at home.
For instance, they are less likely to change their passwords every few months (about 73% don’t do this, compared to about 65% for older colleagues) and much more likely to reuse their email password for other online services (about 32% compared to an average of 21% for all employees). {See charts at the end of the press release}
Much of the same also applies to many male employees too, who similarly over-estimate their cyber security knowledge compared with female colleagues, and consequently are unwittingly exposing their work and home computers to viruses, malware and hackers.
The findings are contained in a new report published today from T-Systems entitled In your hands or theirs? Tackling Cyber Security Threats to Corporate Networks. Complimentary copies are available here. It includes research into a representative sample of over 2,000 UK employees conducted for T-Systems by research agency Censuswide.
Scott Cairns, the UK head of cyber security at T-Systems, said: “While no age group is exemplary when it comes to cyber security, whether at work or at home, the ‘digital natives’ of Generation Y, perhaps surprisingly, appear to be less security conscious than their middle-aged and baby boomer colleagues.
“Our research strongly suggests the problem lies with an overconfidence that comes from their very familiarity with electronic devices and the digital world. Generation X and Baby Boomer employees, compared to those in their 20s and early 30s, are often more cautious about their knowledge of IT and seem much more willing to tread carefully and follow cyber security protocols.
“It is easy for bosses to assume their younger, technologically literate colleagues know what they are doing – after all, they are typically very comfortable with the digital world, and generally lose no time in getting to grips with new apps and devices.
“But there is a big difference between knowing how to use something and knowing what is going on ‘under the bonnet’, just as there is a big difference between being a good driver and being a mechanic.
“Our message is cyber security education is essential for all employees, and employers should avoid making the mistake of overestimating security knowledge, especially in people who appear confident.”
Scott Cairns added: “Up-to-date and regular cyber security education for all employees is one of the most effective tactics an organisation can take. However, our research found that despite the pace at which cyber-attacks are evolving, 66% of employees had received no up-to-date education within the past twelve months. Nearly 30% of employees say they have never had cyber security education at any employer.”
Research shows ‘game needs to be changed,’ with security innovation years behind that of the attackers, the board a decade behind security discussions and regulation needing more industry input.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that the UK’s Mid-Market IT Leadership expects to see a shortfall in IT spend in 2022. While 52% of IT decision-makers believe their 2021 budget met the ambitions of their team, there seems to be less certainty and confidence about future finances — 61% think their budget will need to increase in 2022, but only 13% expect it to.
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and operational cloud services that is unique on the market, enabling clients across the world to meet the challenges of managing their data in the edge to cloud continuum, in line with the highest jurisdictional data governance requirements. Part of the Atos' OneCloud initiative, Atos OneCloud Sovereign Shield is a comprehensive edge to cloud platform ecosystem and highly secure service that improves the level of control clients have over the data they produce and exchange, helping them regain control and effectively deal with legal dependencies.
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets across Europe with further expansion into APAC planned.
Research from Avast has found that employees in almost a third (31%) of Small and Medium Businesses (SMBs) in the UK are connecting to the corporate network using personal devices that do not have any security controls in place, according to IT Decision Makers (ITDMs) within SMBs.
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53% offer backup services.
Trend Micro has published new research revealing that 90% of IT decision makers claim their business would be willing to compromise on cybersecurity in favor of digital transformation, productivity, or other goals. Additionally, 82% have felt pressured to downplay the severity of cyber risks to their board.
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real terms’ during 2022 – leading to increased cyber vulnerability.