New SailPoint Survey Exposes Concerning Generational Differences Regarding Corporate Email Use and Cybersecurity Posture
Findings show younger generations conduct more risky behavior, with 93% of Gen Z workers utilizing corporate email for personal use
SailPoint Technologies Holdings, Inc. the leader in enterprise identity security, released its inaugural Trust Issues Survey, which aimed to identify gaps within organizations’ cybersecurity postures by analyzing workforce behaviors that blur work and personal lives, leading to security pitfalls.
According to the findings, more than half (59%) of all workers are using corporate email for personal use, but Gen Z is the biggest offender (93%). With these numbers growing as the lines between work and home increasingly blur amid the ongoing COVID-19 pandemic, SailPoint set out to determine how users’ behaviors when conducting these activities could put a target on any organization’s back for a cyberattack or data breach.
Examining workers’ awareness levels when it comes to identifying and acknowledging a phishing attack, the survey found 44% noticed that the number of phishing messages they’ve received is up year-over-year. However, there are glaring generational differences when it comes to their behaviors that are putting Baby Boomers, Gen X, Millennials, and Gen Z – and their employers – at risk.
Marketing Technology News: Backblaze Strengthens Leadership With Two New Board Members
“Over the last year and a half, we’ve seen countless, high-profile cyberattacks, stemming from email activity, that have brought organizations – like retailers, currency exchanges, and healthcare organizations – down to their knees”
Highlighted findings from the report include:
Social media is fueling malicious attacks – especially against Gen Z
In this day and age, an email is required to create any kind of online account – including social media profiles. While these sites are traditionally meant for personal use, the survey found that Gen Z (77%) and Millennials (55%) are using corporate emails for their social media logins, compared to just 15% of Gen X and 7% of Boomers. Considering the frequency and reach of social media hacks today (e.g., more than half a billion Facebook accounts were stolen just this April), risk is on the rise, with new potential doorways being opened every day.
The holidays signal greater corporate threats from younger generations
Ahead of the holiday season, nearly one in three workers (29%) say they use their corporate email for online shopping (Boomers are the least likely to engage in these activities, with only 3%). More urgently, 39% have received a phishing message impersonating a retailer, and 22% have received a message impersonating a marketing email. On the heels of one of the busiest online shopping seasons ever (Mastercard reported a 47.2% gain in e-commerce during the 2020 holidays), consumers can expect increased phishing attacks and retail breaches in the coming months.
Marketing Technology News: MarTech Interview with Damien Mahoney, Co-founder and CEO at Stackla
Boomers are more well-equipped to deal with a phishing email
Despite being confident in their ability to detect a phishing message – 94% are confident or very confident in their ability to detect a phishing message – only 29% know how to appropriately react to a phishing email (forwarding it to IT). When pressed on how they would respond to a suspicious-looking email with a link or attachment, 46% of Gen Z respondents said they would open the link or attachment, compared to just 1% of Boomers (29% of Millennials and 4% of Gen X would also open the link or attachment).
“Over the last year and a half, we’ve seen countless, high-profile cyberattacks, stemming from email activity, that have brought organizations – like retailers, currency exchanges, and healthcare organizations – down to their knees,” said Heather Gantt-Evans, CISO at SailPoint.
“By using corporate email for personal use, employees are inadvertently expanding the threshold for malicious actors to enter into a corporate network, completely unnoticed. As demonstrated by the data, most don’t know what to do if they see suspicious activity, but with proper education and training, we can deter these types of events to ensure business remains operating as usual.”