The business landscape has much to say about the upcoming generation of young professionals. Generation Z — those born between 1997 and 2012 — has significantly reshaped workplace norms, demanding more meaningful work, respect for flexible schedules and setups, and robust diversity and inclusion. However, they also bring fresh technological skills and perspectives, allowing companies to gain a competitive advantage in the digital era.
Their innate ability to adapt to emerging technologies is not without problems, though. As more executives and human resource (HR) practitioners are discovering, Gen Z has alarmingly low cybersecurity awareness. In a study conducted by the National Cybersecurity Alliance and CybSafe, 64% of Gen Z are constantly connected to the internet, with 34% losing money to phishing scams. Another 18% have fallen victim to identity theft.
Although the numbers aren’t indicative of the entire population, young people’s overall passiveness toward internet safety puts companies at a heightened risk of cyberattacks. Therefore, HR teams must encourage Gen Z employees to take cybersecurity seriously and follow workplace internet safety guidelines.
Gen Z and the Cybersecurity Conundrum
Gen Z may have grown up with the internet, but they seemingly have less regard for digital well-being. Having been referred to as “digital natives,” the internet is much like their playground.
Gen Z accounts for 25% of social media users in the United States. However, social media is more than a place for them to like and comment on posts and connect with friends. This population uses it to read news, shop, create and build their influencer empires. They are just as enthusiastic about online gaming, e-sports and smartphones, which puts them at risk of hacking, deceptions and doxxing.
Since the pandemic, many have also transitioned to online learning, especially those attending colleges and universities. In fact, amid growing interest in digital education, experts estimate a 13.6% growth rate in edtech over the next 10 years. This signifies a shift in people’s increasing reliance on technology in various aspects of their lives and the potential for more rampant digital threats.
However, the online world can be dangerous if young people aren’t careful. A McKinsey report says 40% of Gen Z has approved access to personal information for free services and discounts. This generation is also prone to storing sensitive information online, saving passwords insecurely, accessing unsecured Wi-Fi, staying logged into their accounts and trusting artificial intelligence (AI) services too quickly. AI tools deliver excellent efficiency for an age group valuing speed and convenience.
Perhaps more alarmingly, a Deloitte survey suggests 17% of Gen Z are more likely to have their social media accounts hacked versus 8% of baby boomers. They are also three times more likely to fall victim to an online scam. Of course, these statistics don’t reflect every Gen Zer, as many take the risks seriously by proactively securing their data privacy.
Younger digital users are becoming more aware of their online presence and showing an interest in protecting their personal details and anonymity. For HR specialists, this suggests a path forward for teaching young professionals about cybersecurity at work.
Common Cybersecurity Misconceptions Among Young Workers
You can only define Gen Z’s possible misconceptions around cybersecurity if you understand who this generation is. Roberta Katz, a senior researcher at Stanford University, has learned through studying this age group that they are a demographic highly influenced by online culture. How could they not be, having been raised in the digital age?
Internet technologies have significantly evolved the speed, scale and breadth of how people communicate, work, interact, purchase goods and find personal connections. As digital tools advanced, Gen Z developed with them. As such, they have experienced the world through the power of the internet, learning to collaborate and become self-sufficient.
Because of their propensity for technology, Gen Z may perceive themselves as experts in the digital landscape. This could contribute to a more carefree approach to cybersecurity. For example, they may believe privacy settings are enough to secure their personal information. Social media platforms have given young people a false sense of security through mere password protection. This could be especially true since most sites require a unique password using uppercase and lowercase letters, numbers and symbols. However, it isn’t enough.
They might also hear about older adults falling victim to cyberattacks more often than people from their generation, giving some the impression it may not happen to them. After all, cyberattackers usually target older adults who doubt their technical abilities and maintain less digital literacy. In fact, many older individuals disengage with technology out of fear of doing something wrong.
Younger people’s deep technological proficiency could also make them think they are safe online. However, just because they know how to use the internet and adapt to device upgrades effortlessly doesn’t mean they are well-versed in cybersecurity measures and best practices.
The Rising Threat of Cyberattacks on Businesses
The threat of cyberattacks on companies is rising, and it isn’t just Gen Z that businesses need to worry about. As cybercrimes become increasingly complex and seemingly legitimate, anyone can fall for a hacking scam. According to the FBI’s 2023 Internet Crime Report, 21,489 complaints were filed by companies last year, amounting to $2.9 billion in losses. Most stemmed from email phishing attacks.
Human error is the biggest culprit of successful phishing. In fact, 84% of professionals fall for scams within 10 minutes of receiving a fake email. Hackers use legitimate-looking email addresses, causing workers to mistakenly and unknowingly install ransomware on their devices.
The rise of remote work has also presented cybersecurity challenges for organizations. In one survey, 70% of businesses believed a distributed workforce made them more vulnerable to cyberthreats. Their greatest concerns surrounding remote workers included the following:
- Data leaking of confidential information
- Inability to monitor user activity
- Poor data integrity
- Failure to ensure regulatory compliance
Their worries are valid, as it is harder to keep track of end users logging in at various locations, servers and networks. Coupled with lower cybersecurity awareness among remote or hybrid employees, it is a recipe for disaster.
Promoting Cybersecurity Among Younger New Hires: 5 Tips
HR professionals must consider how they can encourage younger employees to take cybersecurity more seriously. Many may simply not know what to look for regarding online scam artists, while others could benefit from a refresher. Follow these tips to help Gen Z take accountability for cybersecurity and adopt safer online practices.
Some Gen Z employees may be more lax about cybersecurity because they lack proper training. Providing regular cybersecurity education and resources will help them learn what to do when faced with a cyberattack.
Tailor training modules to address common online behaviors. These sessions should cover recognizing phishing emails, creating strong passwords, and securing work and personal devices. Likewise, simulated training and gamification are more engaging approaches HR professionals can take. Simulation exercises are a practical, hands-on approach to experiencing and handling online threats.
Microlearning modules might be another avenue for younger team members. These miniature sessions deliver bite-size cybersecurity information Gen Z workers can more easily retain. Rolling out training through mobile devices also fulfills their preference for on-the-go learning.
-
Foster a Cyber-Secure Culture
Young professionals may need reminders about cybersecurity practices. Hanging posters in break rooms, conference rooms and workstations can convey important information about maintaining online security and safety.
You might also email occasional updates on the company’s best practices, tips and news. A backchannel like the corporate intranet or internal communications platform may be another place to ensure easy access to cybersecurity guidelines.
HR should work with the IT department to create and enforce rules regarding the use of personal devices for work matters. The same goes for downloading unauthorized applications and other prohibited activities on corporate devices. To protect themselves and the company, all workers should store passwords in a business-approved password system, install antivirus software, log into secured networks and encrypt sensitive data.
Everyone in the company should know how to prevent cyberattacks on work devices and programs. However, it’s also essential to include step-by-step instructions on how to handle a potential threat.
Deliver procedures on ways employees should respond to suspicious emails or malware. Ensure they have the proper contact information for the HR and IT departments so they can address problems promptly. For instance, you might create a contact form for workers to submit data breaches and suspicious behaviors — like unsolicited emails or phone calls requesting sensitive information — to IT immediately. Employees should report everything they’re wary of instead of clicking on email links and attachments or disclosing important information in message replies.
Companies should also provide guidelines on improving online safety while working remotely, such as securing at-home Wi-Fi networks and ensuring all devices are updated with the latest antivirus software. Likewise, employees should know how to spot fake email addresses in emails.
Delivering incentives for being proactive may encourage Gen Z employees to remain hypervigilant about cyberthreats. For example, once the team has completed cybersecurity training, you could order coffee and pastries for breakfast or cater lunch to celebrate their achievements. Rewards may also be in the form of gift cards or a few extra hours of paid time off. Other approaches include professional development opportunities or recognition of employee excellence.
Because most employees prefer remote work — 27% want to be fully remote, while 53% want a hybrid schedule — companies might provide flexibility to younger workers after training. Of course, they must be able to apply cybersecurity best practices and corporate policies to prove their abilities to protect the business.
If you want Gen Z to raise concerns about suspicious online activity at work, you must encourage them to communicate. However, they are less likely to speak up if they believe they will get in trouble.
Create an open-door policy where they can come to HR to report a cyberattack. Launching an anonymous reporting system is another way to get ahead of online threats. Scheduling check-ins in a comfortable one-to-one setting allows them to discuss what they’ve encountered or need further training in.
Protect Your Company With a Cyber-Aware Workforce
Gen Z has an exemplary talent and perspective they can bring to a company. Although some may come with little cybersecurity awareness, HR teams can quickly and efficiently bring them up to speed with the right approach.
Post Views: 8,221