When It Comes to Cybersecurity, Millennials Throw Caution to the Wind
June 30, 2015
Despite being the first generation to have grown up using the Internet, studies indicate millennials can be surprisingly unaware of online security threats they face.
In fact, a 2013 survey by Marble Security, a mobile threat intelligence and defense company, found that 26.2 percent of young adults born in the U.S. between 1980 and 2000 have had an online account hacked, compared with a 21.4 percent national average.
To make matters worse, many millennials continue to engage in risky behaviors online. A study last year by the National Cyber Security Alliance and Raytheon found that 72 percent of the 1,000 millennials surveyed had connected to public Wi-Fi not secured with passwords, and 52 percent had plugged in a USB device given to them by someone else. Another study from Raytheon in 2013 reported that 23 percent of millennials admitted to sharing an online password with a nonfamily member within the past year.
Joan Goodchild, editor-in-chief of CSO, an online source for news and research related to security, says because millennials value productivity and speed when using technology, they tend to see security as a hindrance to efficiency. "Millennials, who have grown up around technology and are so used to using it, might not view that device they are bringing to work or that computer they have been given to get their work done on as something as insecure," Goodchild says. "They really see it as a tool to get things done."
Such was the case for 20-year-old Samantha Sharman, who had her email and Facebook account hacked when she was 16 after she put her username and password into a fake browser. Sharman, a student at Washington and Lee University, says before the attack, she was not concerned about online security, nor did she make sure she was protecting herself from online threats. "It was kind of just completely out of the blue – I wasn't really expecting it," she says.
Despite the high number of hacks, a Gallup poll earlier this year found that 44 percent of millennials believe their personal information is kept private "all the time" or "most of the time" by companies they do business with. In comparison, only 32 percent of Generation X and baby boomers believe their information is this secure. Ira Winkler, president of the security awareness company Secure Mentem, says millennials' comfort with technology sometimes causes them to be less careful about sharing their information online.
"Everybody thinks millennials have been using tech from the start, so therefore they know all the problems, they know all the pitfalls and they're much more aware," Winkler says. "That's almost exactly the opposite."
Lance Hayden, adjunct faculty member at the University of Texas at Austin School of Information and author of "IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data," says because young adults have digital technology so embedded into their world, they tend to be less scared of its ramifications. As he puts it: "If you're very familiar with driving, you know that driving can be dangerous, but you don't freak out every time you get behind the wheel."
However, experts note that millennials' attitudes toward security change after they become victims of attacks. NCSA and Raytheon found 70 percent of millennials changed an online behavior following a cyberattack, such as no longer storing financial information on retail websites or being more careful about what they downloaded to their device.
"This is some evidence that millennials respond to the environment that they're in, and when something bad does happen, they change their behavior, and that's actually a good sign," says NCSA executive director Michael Kaiser.
Sharman, for example, now uses different passwords for all her online accounts and exercises more caution when looking at unfamiliar websites.