New research suggests millennials, highly valued by many employers for their tech smarts, may actually be the weakest demographic link in Canada when it comes to cyber security.
Despite fearing cyber crime less than all other surveyed age groups, millennials are the most likely to share their passwords and have been victimized by cybercriminals more than any other demographic, according to a Symantec Corp. poll of 1,004 Canadians.
Although the survey focuses on personal technology use, its findings could prove eye-opening for workplace managers due to the bring-your-own-device (BYOD) phenomenon. (In a 2013 Avanade study, over half of Canadian businesses said the majority of their employees used personal devices to do company work, a number that has likely increased since then.)
In the new Symantec report, almost one quarter of all Canadians surveyed admitted to sharing their passwords for email, banking, social media or online entertainment accounts. The majority of them (35 per cent) were millennials aged 18 to 34, followed by those aged 35 to 54 (20 per cent) and the 55-plus baby boomers (18 per cent).
Most of the people surveyed (42 per cent) believe white-haired Canadians are the most likely to fall victim to black hat hackers. In reality, Canadians aged 55 and up suffered the lowest amount of cyber crime with just 16 per cent reporting they’ve been victimized online during the past year. Millennials were the hardest hit among all groups, with 29 per cent reporting a cyber incident during the previous 12 months.
Millennials also appeared to exhibit a false sense of security about their likelihood of being duped by online criminals. While 28 per cent of them believe they’re “not interesting enough” to be targeted, 54 per cent of respondents in their age group say they’ve actually been cyber victimized already. In addition, although 76 per cent of baby boomers (and 70 per cent of all Canadians polled) believe identity theft is more likely than ever before, only 66 per cent of millennials share that same fear.
At a Toronto event where Symantec released its findings, panelist Stefano Tiranardi said the survey data didn’t surprise him because millennials’ idea that “others will take care of them” – whether it’s their parents or the government – has probably bled over into their attitude about cyber security.
One of his fellow panelists said the issue is far more widespread than millennials.
“I think it’s common behaviour to say it can’t happen to me,” said Det. Const. Kenrick Bagnall, an investigator at the Toronto Police Service’s cyber crime unit.
The Symantec data give weight to that statement. Across all age groups, only 38 of Canadians say they “always” use a secure password. That low figure helps explain why, according to the study, over seven million Canadian consumers have been victims of online crime in the past year that cost them $2 billion collectively or about 11 hours of their time individually.
Although 86 per cent of respondents say they worry they’ll be victims of online crime, one in five take no action whatsoever (such as checking their accounts or changing their passwords) after a public security breach announcement. A further 60 per cent would rather go on “a terrible date” than cancel their debit or credit cards after their account has been compromised.
Convenience over security
Tiranardi partly puts it down to the consumerization of IT, which has made tech users value ease and efficiency above online safety.
“It’s convenience over security, and convenience will win 100 per cent of the time, at least until human behaviour as we know it changes,” said Tiranardi, information protection specialist at Symantec Canada.
For the first time ever, Symantec explored the emotional toll of cyber crime on victims. Eighty-five per cent of Canadians said they would feel “devastated” if their personal financial information was breached and 78 per cent said having their identity stolen would be more stressful than sitting next to a screaming baby.