Cybersecurity Culture: Getting Gen Z On The Same Page

Summary: This 3-minute article discusses the cyber security burnout of the Gen Z workforce and why SMBs must get all their employees on the same page in protecting their business computer systems. Learn how annual cyber awareness training can get all employees on track. Contact DIGIGUARD CYBER SECURITY at 833-33-CYBER (833-332-9237) or visit www.DIGIGUARDsecurity.com for a cyber risk analysis and to discuss what can be done to lock down the overall security of your business network.

The young, twenty-something workforce has grown up with computers. Along the way, most of these Gen Z workers were exposed to viruses, malware and many other types of cyberattacks as part of their digital coming of age. In tandem, as cybercrime has increased, so have the methods for protecting against attacks. But has more robust cyber security led Gen Z to complacency? Why is the new generation less diligent about cyber security best practices?

Ironically, younger computer users have a good sense of the cyber threats to online activities. Furthermore, this group understands the warning signs of potential attacks and the best practices required to avoid such data breaches. But studies have shown a growing cyber apathy within this group and a lack of adherence to vital cyber security protocols. In theory, Gen Zs are the best equipped to support cyber protection. Yet the multitude of online accounts and platforms they must manage has led to unprecedented cyber security burnout. They know the rules but just don’t care.

Accepting cookies, reusing easy-to-guess passwords, delaying installation of software security updates and lax cyber incident reporting are a few of the typical mistakes young employees make. Unfortunately, at a time when cybercrime is up over 400% and at an all-time high, the carelessness of the younger generation is reckless. It could lead to deadly consequences for your business.

Since the onset of the pandemic, the remote-access, work-from-home business model has dramatically increased a hacker’s target landscape. More devices than ever are connected to the internet, and with each new device comes a vulnerable endpoint through which hackers can launch attacks. So now is not the time to become complacent about cyber security best practices.

We’re All In This Together

Regardless of employees' ages, SMB online security is a team effort. Beyond the hardware and software used to protect data, company IT security is the responsibility of everyone. Each employee must do their part to follow security protocols. Without taking individual responsibility for your company’s cyber security, every employee can become a weak link in your network, opening the door to a massive system-wide cyberattack.

Ongoing Training Is Key

There is no end-of-day or vacation for securing your business’s computer system. Cyber security is an ongoing, ever-evolving process that must never stop. Annual cyber awareness training is essential but not nearly enough. Best practices training should be addressed regularly, and updates to security should target maximum engagement by your staff. On an individual level, SMB management must examine every employee's roles and system permissions to ascertain whether any additional best practices should be instituted as relevant to their specific jobs. Regular training and personalized assessments can increase awareness and employee buy-in to the importance of cyber vigilance.

There are some essential components to implementing sound best practices:

• Emphasizing Cyber Security From Day One – Data security and best practices should not be an afterthought when training new employees. Cyber security is part of everyone’s job, regardless of their job description. Bringing bad online habits to a new job is unacceptable, and previous behaviors must be modified to support company security.
• Exploring Possible Consequences of a Cyberattack – It is imperative for all employees of a company to understand the real-world consequences of a cyberattack. Every possible attack outcome should be discussed, including time lost, identity theft, data breaches, personal attacks, slowing or ceasing business operations, loss of business, angry customers, compliance violations and bankruptcy. Employees are more likely to pay attention when they understand what is at stake.
• Consult IT Professionals – Small businesses often don’t have the budget for full-time IT staff. However, it would be prudent for SMB owners to hire IT experts to provide a cyber risk analysis and design best practices recommendations tailor-made for your company.

The security of business computer systems is no longer limited to activities performed in the home office. Remote work has challenged SMBs to scramble to find ways of monitoring remote-access workers. They have had to develop new methods for increasing the visibility and accountability of remote employees working online. Every connected device is vulnerable. Even simple, careless mistakes by individual company users can lead to severe outcomes for everyone. With over 60% of SMBs going out of business within six months of a cyberattack, universal employee buy-in is critical. Committing to ongoing cyber education, training and regular updates, combined with a consistent corporate rallying cry for diligent adherence to best practices, can be a robust process for increasing the overall security of your business network. Your employees’ proactive attention to cyber security is the first line of defense against cyberattacks, and adherence to security protocols is vital to protecting your network.