Gen Z’s cybersecurity readiness faces challenges

Sponsored by

Your machine data knows things: Unlock it with Splunk and get game-changing insights—plus a critical resource to power AI. Tapping into machine data can boost your security and reliability. See more.

There’s an assumption in cybersecurity that the youth—Gen Z—are more savvy than their older counterparts. That’s not necessarily true.

In a December panel discussion hosted by software security company Veracode, “How Gen Z Is Reshaping the Cyber Threat Landscape,” participants covered how different generations approach cybersecurity. The conclusions were somewhat surprising, particularly for Gen Z.

Young town. Digitally native Gen Z might be expected to exercise more caution online. But, according to panelist Caitlin Sarian, a cybersecurity influencer who goes by Cybersecurity Girl, that’s not the case. In fact, growing up immersed in tech may make younger people even more susceptible than older generations.

“I want to put this to bed, because a lot of people are like, ‘Oh, my parents, my grandparents, I’m really worried about them,’” Sarian said. “Unfortunately, a lot of the scams are actually the younger generation getting scammed because most of them are born in and around technology, and they inherently trust everything that they do online.”

And attackers, especially those who are younger, are always pushing boundaries and making the environment more dangerous, Bianca Lewis, founder and CEO of Girls Who Hack, told the panel.

“That mindset definitely goes with being a kid, or being a teenager—you don’t have that set moral compass just yet,” Lewis said. “You’re okay pushing the boundaries a bit more, especially if those around you are doing the same thing.”

Aging out? That’s not to say millennials or Gen X—to say nothing of the baby boomers—are more savvy when it comes to keeping their activity and devices safe online. Chris Wysopal, Veracode chief security evangelist, told IT Brew in a January interview that while the challenges may vary depending on age, no one is safe.

“The user has to choose, if I want to have a stronger authentication, and I’m willing to go through that extra work,” Wysopal said. “People just don’t want to do that extra work, it’s extra cognitive load—older people, it becomes difficult for them in particular.”

Talking ’bout some generations. There aren’t any easy answers for IT pros, said Carl Froggett, Deep Instinct CIO, and no silver bullet. Part of the problem is that, irrespective of generational concerns on the staffing side, technology and cyberattacks are rapidly evolving.

But not all companies are willing to take on the challenge of updating their tech to the newest security generation.

“There’s an organizational paralysis there, because you don’t want to admit that the $50 million you just spent two years ago needs to be replaced,” Froggett said. “We are used to things in security lasting for several to 10 years, or even 20 years.”