Mumbai, October 27 2019: The over-30s are more likely to adopt cybersecurity good practice than their younger colleagues who have grown up with digital technology, finds a study by the Security division of global technology services company NTT Ltd.
The report focuses on generational attitudes to cybersecurity and identifies good and bad practice for organizations researched as part of its Risk:Value 2019 report, scored across 17 key criteria. This revealed that under-30s score 2.3 in terms of cybersecurity best practice, compared to 2.9 for 30-45-year-olds and 3.0 for 46-60-year-olds.
The data suggests that a person born in the digital age wouldn’t necessarily follow cybersecurity best practice. In fact, employees who have spent longer in the workplace gaining knowledge and skills and acquired ‘digital DNA’ during that time, sometimes have an advantage over younger workers.
Under-30s, who are born into the digital age, on the other hand, are more laid back about cybersecurity responsibilities. They adopt different working practices and expect to be productive, flexible and agile at work using their own tools and devices. However, half of respondents think that responsibility for cybersecurity rests solely with the IT department. This is 6% higher than respondents in the older age categories.
Top generational differences in attitudes to cybersecurity:
Key regional differences
Under-30s in Brazil and France emerge as cybersecurity leaders in their countries; the result of the French government’s cybersecurity agency’s specific focus four years ago to raise awareness of cybersecurity issues among children and students. In Brazil, digital infrastructure was rolled out later than in North America, Europe and Asia Pacific, meaning that middle-aged employees have had less exposure to digital. In the Nordics, USA, Hong Kong and the UK – all digitally advanced countries – older employees have plenty of ‘digital DNA’, but these countries must ensure that under-30s continue to learn and embrace cybersecurity skills and behaviours.
Link to the report: Cybersecurity and the next generation
India specific insights
For each organization in the research for the last two years, NTT analysed the responses for good and bad practice in cybersecurity. The results show a worrying lack of progress: in 2019 as in 2018, the average score was just +3, meaning that there is nearly as much bad practice as good practice. Thirty-two percent of businesses score less than zero: that is, they are exhibiting more bad practice than good practice. Businesses in India, a new country to the research, are now the best performing in the world for cybersecurity, ahead of the USA and the UK.