Small businesses need to know which employees might place their business in cybersecurity risk

By now, almost every savvy business leader knows that every business has cybersecurity risks. Some of that risk may be impacted by the age of the business’ workforce. A recent study, sponsored by Citrix, identified some interesting trends. Citrix, a software company, sponsored The Need for a New IT Security Architecture: Global Study on Compliance Challenges & Security Effectiveness in the Workplace study by Ponemon Institute. One key area the study identified is how age groups might impact cybersecurity risks for a business.

The study identified that overall, the millennials are most likely to put a company at cybersecurity risk.

• Millennials: 18-34 years old (55%)

• Gen X: 35-50 years old (25%)

• Baby boomers: 51-69 years old (20%)

The details of the study show that different age groups might be impacting cyber risk in different ways.

Millennials are:

• More likely to use unapproved apps and devices in the workplace (39%)

• Somewhat apt to be negligent or careless in following the organization’s security policies (26%)

• Not very susceptible to phishing & social engineering scams (15%)

• Not apt to lack knowledge about how to protect sensitive and confidential information (15%)

Gen X are:

• Apt to use unapproved apps and devices in the workplace (32%)

• Apt to be negligent or careless in following the organization’s security policies (30%)

• Somewhat apt to lack knowledge about how to protect sensitive and confidential information (17%)

• Less likely to be susceptible to phishing & social engineering scams (14%)

Baby boomers are:

• More than twice as likely to be susceptible to phishing & social engineering scams (33%)

• Twice as likely to lack knowledge about how to protect sensitive and confidential information (30%)

• Half as likely to use unapproved apps and devices in the workplace (16%)

• Less likely to be negligent or careless in following the organization’s security policies (16%)

What your business can do

Businesses should consider the ages of its workforce by the 3 key groups. In addition to standard cybersecurity training, special emphasis should be placed on the areas where increased vulnerability may occur. For example, if you have a significant number of baby boomers, increase the number of examples and impacts of phishing scams in your training. If you have a significant number of Gen X or millennials, talk to them about the impact of unapproved apps and devices in the workplace. Show them how it can damage the company and how it can negatively impact them as employees.

About the Author - Carolyn Schrader is a seasoned cybersecurity professional and founder of the Cyber Security Group Inc., providing corporate cybersecurity services to high profile clients.