Cybersecurity in the Age of the Millennials

Millennials are often blamed for killing off traditional industries ranging from diamonds and luxury goods to chain restaurants and napkins. Technology plays a larger role in the daily lives of millennials than any other generation. They are often early adopters of new technologies and processes, leading the pack in smartphone, tablet, and social media use and ownership.

Regardless of your outlook on these trends, it cannot be ignored that millennials—the generation born from 1981-1996—have an increasing influence on the world around them. They are expected to make up one-third of the workforce by 2020, and they are challenging traditional processes and leaning into new technologies along the way.

Millennials are expected to make up one-third of the workforce by 2020.

The same bodes true for how millennials are transforming the workforce, particularly in how organisations implement digital transformation (DX) and practice cybersecurity.

Driving Digital Transformation

Millennials’ immersion in the latest technologies is the force behind global DX of economic and social relationships. DX-driven businesses such as Amazon, Netflix, PayPal, and Uber have not just been successful, they have rendered many non-digital legacy competitors obsolete.

In the workplace, mobile computing, bring-your-own-device (BYOD) models, and big data analytics have been long established as DX drivers. Newer technologies such as artificial intelligence (AI), Internet-of-Things (IoT) devices, and augmented reality (AR) or virtual reality (VR) are not only on the upswing, they are now essential to working millennials. This generation is often dissatisfied with old technologies in the office. And they are more likely to prefer high-tech offices equipped with AR/VR than traditional perks such as free snacks or a game room.

Understanding the Millennial Cybersecurity Gap

The proliferation of devices added to corporate networks are rapidly stretching the attack surface and creating unforeseen vulnerabilities.  While 45% of millennials say they do not trust companies to keep their personal data safe and do not share it, they tend to be careless about device and application security. A recent survey of 3,359 people between the ages 18 and 26 in nine countries found:

• 63% click on potentially dangerous links
• 42% share passwords with non-family members
• 74% in the U.S. use unsecured public Wi-Fi despite well-documented security risks

Millennials eager to reap the benefits of new technologies must be mindful of keeping valuable data within their devices secure. Understanding why protecting devices and accounts is essential to growing an organisation and critical to driving cybersecurity efforts.

Rapid technology change. Technology product and service lifecycles are getting shorter, and the pace of change is even faster for consumer devices. Cybersecurity teams must be more agile than ever to quickly understand how to defend a technology or business process before they evolve.

Threat landscape dynamics. New technologies expand the threat landscape in unexpected ways. Photos or videos shared on social media can contain hidden malicious code that breaches the corporate network, and unsecured IoT devices on the network can become access points for threats. Additionally, newer AR, VR, and AI devices are just as vulnerable to breaches.

Seamless security. Clunky, elaborate passwords and one-time security codes often negatively interfere with user experience and delay time to accessing the product. Biometric fingerprint sensors and single sign-on access are examples of more user-friendly security that doesn’t inhibit the device interaction.

Increasing oversight. Some governments and business are increasing regulation and oversight of digital processes as a means to safeguard data. The European Union’s General Data Protection Regulation (GDPR) was recently launched to protect user data and privacy. And in response to a proliferation of malicious content, Facebook, Google YouTube, and Twitter have cracked down on provocators of it.

Five Things for Security Leaders to Remember in the Age of Millennials

The rise of the millennial generation and DX go hand in hand. Measures to build security into products and services need to be taken with user dynamics of millennials and future generations into account. Following are some best practices security leaders can take to align cybersecurity with DX:

• Recognise the reality of DX. The truth is DX generates tremendous opportunities for business owners and cyber criminals alike. The best way to stay ahead of malicious threats is a proactive approach to security. Force them to react to your moves rather than the other way around. This requires transparency and unified controls across the entire attack surface and the different security elements that comprise the security infrastructure. It also involves streamlining and automating security workflows and threat intelligence, helping overburdened security teams to keep up the advanced threat landscape and shrinking the windows for time to detection to prevention and time to intrusion to response/remediation.

• Build security into new initiatives. Every business spending plan should include a section covering cybersecurity risks, countermeasures, investments, and operational processes to safeguard the initiative. Unexpected events or breaches can uproot even the most well-conceived plan that overlooks security.

• Speed threat detection, assessment, and remediation. Focus new cybersecurity investments on improving real-time threat intelligence, threat analytics, and response capabilities. Due to the emphasis of DX on mobile and widely distributed IoT devices, endpoint protection and network access control should also be emphasised, although it will take a more integrated approach to traditional desktop and laptop-focused endpoint protection.

• Understand government regulations. It is important to know the regulatory, compliance, and legal implications of both ongoing and new digital business initiatives. Even geographically defined standards such as GDPR can greatly influence legislation beyond their immediate impact areas. They can also set user expectations for global fair practices.

• Hire more millennials on your security team. Millennials can bring an organisation up to speed with insights on new technologies and how to secure them. No one knows better about how their generation perceives and reacts to cybersecurity measures. Unfortunately, only 9% of millennials indicate they are interested in pursuing a cybersecurity career, according to a recent report, so this may be easier said than done.

DX and millennials have set the bar as the new normal for both the global economy and cybersecurity. As this generation continues to enter the workforce, be prepared for the development of more innovative, industry-bending products and services incorporating the latest technologies. Security leaders must keep cybersecurity at the forefront of best practice initiatives to ensure future innovations remain both life changing and safe.