Unlike previous generations, millennials have used (and trusted) technology all their lives. So, does it cause a gap in your organization’s Security Awareness Program?
According to a new survey from IBM Security, millennials are behind on their sense of security when compared to their “older” counterparts in a number of ways:
- Millennials value convenience over security – almost half would use a less secure form of authentication if it shaved off a few seconds of wait time.
- They consider the risk to the enterprise less – only 21% of millennials said they always think about whether an online action poses a risk.
- They’re not practicing good password etiquette – A whopping 82% of them reuse passwords on websites and 42% will only change their password when the system forces them to.
In short, there is a high percentage of millennials that have no real sense of security awareness, no understanding of the risk involved with being online, no eagerness to ensure their environment remains secure, and no real thinking about the safety of the organization.
So, how should you approach this in your organization?
First, I’m going to assume you have some kind of security awareness training in place to educate users on the risks, methods of attack, and techniques used to compromise email, user accounts, and systems. If you don’t, please contact me for more information.
Second, you need to tailor your training for millennials. They are more likely to trust an unknown service provider to house their data, provide online applications, etc. So, the training needs to be geared toward risks originating from online and digital medium.
Third, you need to have your training designed with the overarching goal in mind of elevating the security maturity of the user – whether millennial or baby boomer, the end game is the same: keep the organization secure.
Cyber-attacks are rapidly getting more sophisticated. GDR Group will help train your employees to better manage the urgent IT security problems of social engineering, spear-phishing and ransomware attacks. Take the first step now and email email@example.com to request a quote for Security Awareness Training and Phishing Testing for your organization.