This website uses cookies to ensure you get the best experience on our website. Learn More

7 Ways Millennials Are Impacting Your Security Awareness Programme

16 August 2017 15:33

With mobile devices glued to their palms, and just about any random application you can think of being downloaded, surely they pose just as big of a risk as the older crowd? Here's 7 ways millennials are impacting your security awareness program.

An animated image of millennials holding up mobile devices.

It seems as though the older generations, especially the baby boomers, get hammered with cyber security criticism. It's assumed that the majority of people aged 60+ aren't technical enough, and just don't realise the threats of phishing and social engineering.

But what about the younger generations?

With mobile devices glued to their palms and just about any random application you can think of stored on their phone, surely they pose just as big of a risk? Well, 55% of IT security professionals certainly think so. 

Many security awareness programs aren't catering to the needs of millennials. Mobile devices, working from home and social media are just a few of the untouched problems facing companies. But don't worry, we've got you covered.

Here are 7 ways millennials are impacting your security awareness program...

#1 They have a heightened sense of security

In contrast to older generations, millennials have grown up with technology throughout their entire lives. Trust in technology then comes by default, as a person is surrounded by tech and gadgets from day one.

If there’s something that’s making your day-to-day life a tad less convenient, then you can bet your bottom dollar there’s an app out there to obliterate it. For millennials, functionality now comes before any consideration of risk. Mobile phones will be crammed full of apps that offer little to no privacy or security


Bring users up-to-date on caution needed when storing data online, downloading apps, and doing other sensitive tasks. Avoid using the old ‘scare tactic’, but point out that there is a risk inherent in any data storage or new technology in which you place your trust.

#2 They're hooked on social media

It isn’t just millennials that feel as though they're trapped in a forest and disconnected from the world every time their phone dies -- we’re all pretty hooked on connectivity now. But many younger users tend to live their lives in the view of a social media profile.

Personal information such as birthdays, location, employment and educational history, are flung about without a second thought. It’s pretty much a dream for social engineering -- yet many younger users aren’t even aware of what social engineering is.


Provide proper awareness of the risks of social media use during and outside of work. Some companies have even created Twitter accounts for their security programs, aiming to get more engagement with their employees.

#3 They're stocked up on devices

The majority of millennials tend to have their mobile phones glued to their hands during their personal time. But the introduction of bring your own device (BYOD) into the workplace, means that users can now use their phones, tablets and laptops -- creating a host of risks for security.

The younger generation has a number of devices, and can now store organisational data on them with ease. And using these devices to connect to the company network can create a barn door for an attacker to enter.


Many businesses tend to focus their awareness programs solely on workplace risks. It’s hugely important for all companies to start adding remote working and personal devices into the mix. Bring attention to the importance of keeping personal information and devices just as safe as you would with the company's.

#4 They're more curious

Shorter attention spans aren’t always a bad thing. Millennials are more likely to seek out information and explore topics in passing conversations -- and they’re used to readily finding information that satisfies their curiosity.


Try to take full advantage of this. Awareness materials should be easily accessible. Make it easy for users to access security information, awareness videos and modules, b posting them online or with use of a portal. If the material is mandatory, make a deadline, but allow for convenient learning. Maybe they’ll even have a look out of pure curiosity (we can only dream!).

#5 They have shorter attention spans

This statement may sound pretty damn patronising, but heavy research shows that people now have shorter attention spans. And when you think of the constant bulletins of quick-fix information we get from the likes of Twitter and Snapchat, it starts to make sense.


Tailor your awareness program accordingly with shorter awareness materials. The days of long, drawn out training days are (hopefully) a thing of the past. Training should brief but consistent, otherwise, the majority of information you’re giving out will more than likely be forgotten pretty soon. Awareness material, such a poster, is also a good way to add some ‘lighter’ awareness.

#6 They are more socially aware

There’s pretty much no downside to this factor. Millennials have been raised in a much more environmentally conscious world. As a result, they’re much more likely to have the urge to create a positive impact on society - whether it be political, cultural or environmental.


You can use this attitude to promote the values of good security behaviour. After all, being secure isn’t just about protecting yourself, it’s about protecting your company, customers and colleagues. Making it clear that a number of people benefit from security practice (as well as those that suffer from bad practice) can help them buy into the program a little bit more.

Educate your users. Secure your business.

#7 They're used to speed and convenience

Advancements in technology often mean an increase of speed and convenience, and that's exactly what millennials are used to. This has ingrained the drive for efficiency more than in older generations.


It’s important to work with the operational side of the business, in order to embed practices into the workflow of the company. This can result in better adherence towards the awareness program, as it can become harder for people to bypass procedures.

Subscribe To Our Blog