In today’s multigenerational workforce, the over-30s are more likely to adopt cybersecurity good practice than their younger colleagues who have grown up with digital technology, reports Help Net Security.
The report suggests that a person born in the digital age wouldn’t necessarily follow cybersecurity best practice. In fact, employees who have spent longer in the workplace gaining knowledge and skills and acquired ‘digital DNA’ during that time, sometimes have an advantage over younger workers.
Under-30s, who are born into the digital age, on the other hand, are more laid back about cybersecurity responsibilities. They adopt different working practices and expect to be productive, flexible and agile at work using their own tools and devices.
However, half of respondents think that responsibility for cybersecurity rests solely with the IT department. This is 6% higher than respondents in the older age categories.
Top generational differences in attitudes to cybersecurity
Under-30s are more likely to consider paying a ransom demand to a hacker (39%) than over-30s (30%). This may be due to an impatience to get systems back up and running, or a greater knowledge of bitcoin and other cryptocurrencies.
Growing up in a technology skills crisis, 46% of under-30s are worried their company doesn’t have the right cybersecurity skills and resources in-house. This is 4% higher than for over-30s.
The desire for flexibility and agility could be affecting attitudes to incident response. Under-30s estimate that a company could recover from a cybersecurity breach in just 62 days – six days less than the time estimated by older age groups (68 days).
Younger workers are more accepting of personal devices at work and consider them less of a security risk (71%) than older workers (79%). However, they’re more concerned about the Internet of Things (IoT) as a potential risk (61% compared to 59%).
81% believe cybersecurity should be an item on the boardroom agenda, compared to 85% of over-30s.
A look at the key regional differences
Under-30s in Brazil and France emerge as cybersecurity leaders in their countries; the result of the French government’s cybersecurity agency’s specific focus four years ago to raise awareness of cybersecurity issues among children and students.
In Brazil, digital infrastructure was rolled out later than in North America, Europe and Asia Pacific, meaning that middle-aged employees have had less exposure to digital.
In the Nordics, USA, Hong Kong and the UK – all digitally advanced countries – older employees have plenty of ‘digital DNA’, but these countries must ensure that under-30s continue to learn and embrace cybersecurity skills and behaviors.
To read the full report, click here.