According to a report from ITNews, as millennials enter the workforce in large numbers, it is important for all security programs to realize the unique challenges that they pose. While all
millennials are not alike, and older generations share some of these traits, it is reasonable to acknowledge some distinct trends, says the report.
Millennials are the first generation for
whom computer devices are ubiquitous in their daily activities. Laptops have become the computer of choice and can be taken anywhere. Cellphones are more powerful and functional than computers were a
decade ago, and millenials have had these devices in their pockets for as long as most of them can remember.
But use of a technology does not mean that it is safely used and millennials'
comfort with technology does not mean that they are more security aware. The tendency is to use technology in a way that is most convenient, not most secure, says the report.
has been some effort to protect their privacy, primarily from their parents and others, this does not mean that they are aware of all the things there are to protect and how to protect them. The fact
is, the more information that is available, the more vulnerable it is made. Millennial trends in technology use, and subsequent security vulnerability, is discussed here.
have a heightened trust in technology: As technology has been ubiquitous to their lives, millennials trust technology by default. They accept functionality easily, with less consideration of risk.
Awareness programs should stress the need for caution when storing data online, downloading apps, and other activities.
- They prefer to use their own devices: Many organizations
have already adopted a bring your own device (BYOD) policy, and while this can save companies money as well as delight users, security teams have raised the alert that the practice creates a loss of
control of data. It adds to the concern that users are storing organizational data on their personal devices with varying levels of security.
- They are heavy users of social media:
Social media use allows them to stay connected, but it also creates an increased attack surface. Sensitive information could be accidentally disclosed, and heavy social media usage also creates
more opportunities to encounter malware. If you spend time and effort to create a social media presence for your awareness program, millennials are much more likely to engage with it.
- They have shorter attention spans: Research shows that people now have shorter attention spans. There are many reasons driving this, such as being inundated with information via feeds
like Twitter and Snapchat. Your awareness efforts should be tailored accordingly. Trainings and videos should be brief and to the point
- They have more intellectual
curiosity:The upside of shorter attention spans is that millennials are more likely to seek out information when their curiosity is piqued. To take advantage of this, awareness materials should be
made easily available, says the report. Videos should be always posted, so people can view them at will. Corporate knowledge bases of security information can be posted online for users to learn on
their own, on their own terms.
- They grew up with video games: Software-based training that provides challenges can be an effective way to engage millennials. Older
generations tend to frown on games in the workplace, but millennials look at it as a natural way to learn skills and other information.
- They are more socially conscious:
Millennials, by and large, want to leave the world a better place than they found it. They want to create a positive impact. Awareness programs can and should promote the value of good security
behaviors, not just for the individual's wellbeing, but for the wellbeing of other employees, customers and society as a whole.
materials and efforts will impact some people more than others. To account for this, given that millennials are becoming prominent in organizations, and will be predominant in the future, it is to
every awareness professional’s benefit to learn how to target some of your efforts to them. Awareness programs need to incorporate as many modes of communications as possible
More from this report,
originally published by CSO, may be accessed here.