As digital natives, Gen Z (born between 1997 – 2012) is often perceived to be technologically savvy, but their security online is what needs to be protected. Indeed, they excel in adapting to new technology, mastering social media, learning quickly and transitioning seamlessly to digital learning and remote work. This internet-dependent generation has never known a world without the internet and sees the web as the starting line to the world and their own activities, an intrinsic part of their everyday lives.
However, when it comes to enterprise technology and cyber security, their actual experience and understanding may be lacking, leading to significant risks. This creates huge vulnerabilities for organizations and for themselves, as human risk remains a leading cause of data breaches, with 95% of cyber security issues being traced to human error according to the World Economic Forum (WEF).
According to the National Cybersecurity Alliance and CybSafe’s Annual Cybersecurity Attitudes and Behaviours Report 2023, some 43% of Zoomers (as GenZ are also aptly termed) have lost money due to cybercrime. According to another survey by EY Consulting, this younger generation are more likely to use the same passwords for personal accounts and work, making it that much easier for hackers to hack into work locations.
Gen Z predominantly communicates through online platforms such as social media, instant messaging apps and video calls. This heavy reliance on digital channels heightens their vulnerability to phishing attacks and privacy breaches. They also demonstrate a preference for online shopping and digital payments, increasing the likelihood they may become a victim of fraud and identity theft. Understanding and addressing these vulnerabilities is crucial for enhancing the security posture of organizations employing Gen Z workers.
Where does the risk lie?
Gen Z’s tendency for sharing information online significantly increases their vulnerability to identity theft and social engineering attacks. They often share detailed aspects of their lives, including personal achievements, locations, where they work, relationship statuses, and even minor day-to-day activities. While intended for friends and family, this oversharing creates a rich repository of data that can be exploited by cybercriminals. With Gen Z cultivating a deep online presence, it isn’t surprising that a Deloitte study found them three-times more likely to fall victim to cyber scams than baby boomers. Furthermore, when targeted by these types of attacks, the NCSA has reported that a shocking 34% of Gen Zs failed to report being a victim of harmful cyber activity.
Cyber hygiene and security practices are also a concern amongst the youngest generation in the workforce. Another aspect is the widespread disregard for software and hardware updates among Gen Z workers, as highlighted by EY who found that 58% admit to ignoring these crucial patches. Failure to promptly install updates leaves devices and systems vulnerable to exploitation by cyber threats, as updates often contain patches for known vulnerabilities and security loopholes. This lax attitude permeates multiple security practices, as attitudes towards password security among Gen Z poses a significant risk, with the same EY study finding one-in-three individuals reusing passwords across professional and personal accounts, increasing the likelihood of unauthorized access. At other times, this group will depend on storing their passwords in the memory of their digital device or cloud storage, increasing the risk of these passwords being found out.
This begs the question, why are the most digitally savvy generation not more conscious of cyber security? Gen Z may use technology with a high degree of comfort and fluency, but this is largely attributed to an over-reliance on technology for daily tasks. Many Gen Zs will simply view technology as a convenient tool that makes life easier, and this focus on convenience can result in the overlooking of “time consuming” security measures. This has led to extreme complacency amongst young people who are unable to grasp the risks associated with an activity as common as crossing the street. They also have a shorter attention span, caused by the constant flow of information, which have made them an expert at quickly filtering content but also making it more difficult for them to recognize cyber risks.
Gen Z has spent much of their adolescence using technology, without a formal education on cyber security. Despite recent educational programs increasingly integrating digital literacy into the curriculum, there is still a gap in comprehensive education on the topic. This limited academic and real-life experience with the consequences of poor cyber security practices has naturally led to over-confidence amongst Gen-Z when navigating their digital environment.
Why Gamification is Effective for Gen Z Learning
Traditional methods of training may not resonate with the new workforce. While organizations can provide technological guardrails for employees, such as endpoint protection on mobile devices, it is time for them to look at other ways to interact with Gen Zs in a way that will stick. Gamification, the application of game-design elements in non-game contexts, is particularly effective for engaging and educating Generation Z (Gen Z). Here are several reasons why gamification is beneficial for their learning:
Enhanced Engagement: Gen Z is accustomed to interactive and engaging digital experiences. Gamification leverages this familiarity, transforming traditional educational content into compelling, game-like activities that maintain their attention and interest.
Realistic Simulations: Gamification can create realistic phishing attack simulations that mirror actual threats. These simulations can be integrated into the workplace environment or learning platforms, allowing individuals to experience phishing attempts in a controlled and educational environment. This will help Gen Z identify the signs of a phishing scam and promote healthy skepticism when encountering potentially malicious links, in and outside of the workplace. Tailor-made training of workers according to their roles in the company and the risks associated should also be carried out e.g. encryption only for confidential data in specific departments.
Immediate Feedback: Games provide instant feedback, helping learners understand their progress and areas for improvement in real-time. This immediate response aligns with Gen Z’s preference for quick, actionable information and can significantly enhance their learning outcomes.
Increased Motivation: Gamified elements such as points, badges, and leaderboards create a sense of achievement and competition. This motivates Gen Z learners to set goals, strive for rewards, and persist through challenges, fostering a more proactive approach to their education.
Active Learning: Gamification promotes active rather than passive learning. Interactive challenges, quizzes, and problem-solving tasks require active participation, encouraging deeper cognitive engagement and better retention of information.
Collaboration and Social Learning: Many gamified learning platforms incorporate social elements, such as teamwork, peer interaction, and competition. These features resonate with Gen Z’s social nature and enhance collaborative learning, making education a more communal and supportive experience. Cyber security should also be perceived as a collective responsibility, with everyone playing an important role in such defense.
Customization and Personalization: Gamified learning platforms can be tailored to individual learning styles and paces. Gen Z values personalized experiences, and customization options in gamified education help cater to their unique preferences, improving overall effectiveness.
Real-World Skills Development: Gamification often involves problem-solving, strategic thinking, and decision-making. These elements help Gen Z develop critical real-world skills, such as critical thinking, adaptability, and creativity, which are essential for their future careers.
Gamification aligns well with the characteristics and preferences of Gen Z learners. By making cyber security education more engaging, interactive, and rewarding, gamification can significantly enhance the learning experience, leading to better outcomes and more motivated, safety savvy employees.
“Gen Z may be tech-savvy, but their digital fluency masks a dangerous complacency towards cyber security. To safeguard our future, we must rethink training with gamification and the simulation of real-life threats encountered inside and outside the workplace, advised Ram Narayanan, Country Manager at Check Point Software Technologies, Middle East. “To stay vigilant against threats such as phishing it is important that all employees, from Boomers to Gen Zs, learn to verify senders, scrutinize recipient lists, be mindful of unusual subjects or timing, avoid unfamiliar attachments or links and beware of messages demanding urgent action.”
