GEC NEWS WIREAs digital natives, Generation Z (born between 1997 – 2012) is often perceived to be technologically savvy. Indeed, they excel in adapting to new technology, mastering social media, learning quickly and transitioning seamlessly to digital learning and remote work. This internet-dependent generation has never known a world without the internet and sees the web as the starting line to the world and their own activities, an intrinsic part of their everyday lives.
However, when it comes to enterprise technology and cyber security, their actual experience and understanding may be lacking, leading to significant risks. This creates huge vulnerabilities for organizations and for themselves, as human risk remains a leading cause of data breaches, with 95% of cyber security issues being traced to human error according to the World Economic Forum (WEF).
According to the National Cybersecurity Alliance and CybSafe’s Annual Cybersecurity Attitudes and Behaviours Report 2023, some 43% of Zoomers (as GenZ are also aptly termed) have lost money due to cybercrime. According to another survey by EY Consulting, this younger generation are more likely to use the same passwords for personal accounts and work, making it that much easier for hackers to hack into work locations.
Gen Z predominantly communicates through online platforms such as social media, instant messaging apps and video calls. This heavy reliance on digital channels heightens their vulnerability to phishing attacks and privacy breaches. They also demonstrate a preference for online shopping and digital payments, increasing the likelihood they may become a victim of fraud and identity theft. Understanding and addressing these vulnerabilities is crucial for enhancing the security posture of organizations employing Gen Z workers.
Where does the risk lie?
Gen Z’s tendency for sharing information online significantly increases their vulnerability to identity theft and social engineering attacks. They often share detailed aspects of their lives, including personal achievements, locations, where they work, relationship statuses, and even minor day-to-day activities. While intended for friends and family, this oversharing creates a rich repository of data that can be exploited by cybercriminals. With Gen Z cultivating a deep online presence, it isn’t surprising that a Deloitte study found them three-times more likely to fall victim to cyber scams than baby boomers. Furthermore, when targeted by these types of attacks, the NCSA has reported that a shocking 34% of Gen Zs failed to report being a victim of harmful cyber activity.
Cyber hygiene and security practices are also a concern amongst the youngest generation in the workforce. Another aspect is the widespread disregard for software and hardware updates among Gen Z workers, as highlighted by EY who found that 58% admit to ignoring these crucial patches. Failure to promptly install updates leaves devices and systems vulnerable to exploitation by cyber threats, as updates often contain patches for known vulnerabilities and security loopholes. This lax attitude permeates multiple security practices, as attitudes towards password security among Gen Z poses a significant risk, with the same EY study finding one-in-three individuals reusing passwords across professional and personal accounts, increasing the likelihood of unauthorized access. At other times, this group will depend on storing their passwords in the memory of their digital device or cloud storage, increasing the risk of these passwords being found out.
This begs the question, why are the most digitally savvy generation not more conscious of cyber security? Gen Z may use technology with a high degree of comfort and fluency, but this is largely attributed to an over-reliance on technology for daily tasks. Many Gen Zs will simply view technology as a convenient tool that makes life easier, and this focus on convenience can result in the overlooking of “time consuming” security measures. This has led to extreme complacency amongst young people who are unable to grasp the risks associated with an activity as common as crossing the street. They also have a shorter attention span, caused by the constant flow of information, which have made them an expert at quickly filtering content but also making it more difficult for them to recognize cyber risks.
Gen Z has spent much of their adolescence using technology, without a formal education on cyber security. Despite recent educational programs increasingly integrating digital literacy into the curriculum, there is still a gap in comprehensive education on the topic. This limited academic and real-life experience with the consequences of poor cyber security practices has naturally led to over-confidence amongst Gen-Z when navigating their digital environment.
Ram Narayanan, Country Manager at Check Point Software Technologies, Middle East. “To stay vigilant against threats such as phishing it is important that all employees, from Boomers to Gen Zs, learn to verify senders, scrutinize recipient lists, be mindful of unusual subjects or timing, avoid unfamiliar attachments or links and beware of messages demanding urgent action.”
