Younger Workers More Relaxed About Cybersecurity Than Older Counterparts, Survey Finds

Different generations approach technology at work in vastly different ways, the report found.

• By Haley Samsel
• Oct 23, 2019

As National Cybersecurity Awareness Month comes to a close, a new survey finds that workers under the age of 30 are more relaxed about cybersecurity practices than their older counterparts, making them potentially vulnerable to phishing and other threats. 

Research conducted by technology services company NTT, released Tuesday, scored survey respondents on best cybersecurity practices. On average, professionals under the age of 30 had a worse average score than workers who were 30 and above, including 46- to 60-year-olds. 

The main difference in attitudes toward cybersecurity across age groups is the willingness of younger workers to use their own devices to complete tasks, according to the research. While 46 percent of under-30s said they were worried that their organization does not have the right cybersecurity skills and resources in-house, they were more accepting of personal devices at work than older employees. 

At the same time, younger workers were slightly more concerned about the Internet of Things (IOT) as a potential cybersecurity risk, with 61 percent of under-30s calling it a risk compared to 59 percent of over-30s. 

“This data suggests that those born and raised in the digital age don’t necessarily follow cybersecurity best practices,” NTT wrote in a press release announcing the survey. “In fact, employees who have spent more time in the workplace gaining knowledge, skills and acquired ‘digital DNA,’ tend to have a stronger security posture than younger workers.”

In addition, the survey found that 39 percent younger employees were likely to consider paying a hacker’s ransom demand, compared to 30 percent of over-30s. The report attributes the difference to a greater impatience among young people to get access to their systems and restart business, or a greater knowledge of bitcoin and cryptocurrencies that are often used to pay ransomware hackers. 

Matt Gyde, the CEO of security at NTT, said the research shows that the workforce has very different approaches and attitudes toward cybersecurity depending on age. He emphasized that cybersecurity must be seen as a responsibility of all employees rather than just the IT department. 

“Businesses must transform their approach to security if they are to engage all generations,” he said in a statement. “Different generations use technology in very different ways and business leaders need to recognize that strong cybersecurity practices for all generations within the business is an enabler and not a barrier. Security leaders should make themselves more approachable and talk the language of business, not IT.”