Remember the Deloitte survey a while back that found Gen Zers were more than twice as likely as boomers to have their social media account hacked* (17% vs. 8%) and three times more likely than boomers to fall for an online scam (16% vs. 5%)? A refresher:
Today EY released the results of its 2024 Human Risk in Cybersecurity Survey and Gen Z workers who use work-issued laptops or computers for their jobs are feeling not so great about their scam-detecting skills:
Gen Z is losing confidence in their ability to recognize phishing attempts — one of the most common and successful tactics of social engineering attacks — and is most likely to admit to opening a suspicious link. And now, with the power of AI-generated phishing emails, spotting malicious links and content is getting even harder. Although they are a digital-first generation, only 31% of Gen Z feel very confident identifying phishing attempts, marking an alarming nine percentage point drop from 40% in 2022, and 72% said they have opened an unfamiliar link that seemed suspicious at work, far higher than Millennials (51%), Gen X (36%) and Baby Boomers (26%).
The boomers are lying.
More than half of millennials and almost two-thirds of Gen Zers surveyed are worried they’ll get fired if they leave the company door open to a breach.
Nearly two-in-three Gen Z and Millennial workers are particularly fearful about repercussions surrounding cybersecurity, including 64% of Gen Z and 58% of Millennials who fear they would lose their job if they ever left their organization vulnerable to an attack. Younger generations are also more likely to not fully understand what their organization’s process is to report suspected cyber attacks, even though their organization has a process in place (39% Gen Z and 29% Millennials vs. 19% Gen X and 15% Baby Boomers).
Although the numbers seem to show Zoomers don’t have faith in their scam-avoiding skills, more of them feel knowledgeable about cybersecurity than the last time EY did this survey in 2022 (86% vs. 75%). EY says this points to “opportunities to better equip younger workers to turn this knowledge into confidence by investing in upskilling and training that caters to their unique experience as true digital natives.”
The only other figure of note from EY’s press release is this one:
A vast majority of employees (91%) say organizations should regularly update their training to keep pace with AI, especially as AI’s role evolves in cyber threats; but only 62% say their employer has made educating employees about responsible AI usage a priority.
New EY research reveals cybersecurity fears are on the rise among US workers, with a vast majority concerned about AI in cybersecurity [PR Newswire]
*by “hacked” they mean “compromised,” usually through the owner being bamboozled by a fake log-in or using recycled passwords.
I’m finding many younger associates only used tablets growing up. They never dodged viruses and corrupted files while wrangling a live Limewire connection. It takes a bit longer to build their experience with email scams.