Just because they are digitally native, it doesn’t mean that millennials are better at cybersecurity than their older peers.
That is the conclusion from new research from Proofpoint, the cybersecurity company.
It noted that millennials continue to underperform other age groups in fundamental phishing and ransomware awareness.
“Effective security awareness training must focus on the issues and behaviours that matter most to an organisation’s mission,” said Joe Ferrara, senior vice president and general manager of security awareness training for Proofpoint.
“We recommend taking a people-centric approach to cybersecurity by blending organisation-wide awareness training initiatives with targeted, threat-driven education. The goal is to empower users to recognise and report attacks.”
This is hardly the first time cybersecurity research has suggested that businesses should do more to improve their cyber defences by making their employees more aware of the digital threats out there.
Egress, SolarWinds and Infosys are just three other cybersecurity companies that have warned about how unaware staff members could become big risks for an enterprise’s digital defences.
The Proofpoint report also found that the number of potential phishing emails received by businesses increased by 67% in 2019.
Having surveyed over 600 security professionals across the US, the UK, France, Japan, Spain, Germany and Australia, the researchers noted that over nine million suspicious emails had been received by companies.
Of the people polled, 55% of their businesses had suffered a successful phishing attack and 88% had reported attacks. Moreover, 86% reported BEC attacks, 86% reported social media attacks, 84% reported SMS/text phishing (smishing), 83% reported voice phishing (vishing) and 81% reported malicious USB drops.
Proofpoint’s research also revealed that 65% of companies had experienced a ransomware infection in 2019. Of those attacked, 33% opted to pay the ransom while 32% did not. Of those who negotiated with attackers, 9% were hit with follow-up ransom demands.
Unfortunately, 22% never got access to their data, even after paying a ransom.
The report comes as the ransomware attacks are becoming even worse. A new report from cybersecurity company Coveware revealed that businesses suffering from infections being out for up to 16.2 days on average, up from 12.1 days in the third quarter of 2019.
The same report showed that hackers are also becoming even more demanding, with the average more than doubling from $41,198 to $84,116 between the third and the final quarter of 2019.
Copyright © 2018 RegTech Analyst