Millennials realize security is their responsibility and have upped their game to keep their private information safe and they show a keen interest in cybersecurty jobs but don't know exactly what that entails, according to a Raytheon-NCSA Millennial survey.
In the report, “Preparing Millennials to Lead in Cyberspace," released Wednesday, 87 percent of the 1,000 respondents polled by Zogby Analytics said that they were responsible for keeping themselves safe and secure online.
And the findings show that young people between 18-26 years old make an effort to stay current on threats — more than two-thirds regularly follow cybersecurity developments, with 20 percent of those saying they get information from news outlets and 12 percent turning primarily to government sources.
That Millennials are taking precautions and better protecting themselves — privacy concerns kept 40 percent from downloading an app in the month prior — is good news about a generation that is known to be facile with technology but careless when it comes to security. Only 31 percent in last year's survey claimed privacy concerns dissuaded them from downloading an app.
Their caution may stem from the fact that 60 percent fell victim to an online violation in the year before that prompted 70 percent of the victims to change an online behavior in response. Well more than half, 62 percent, changed their passwords while two-thirds, or 66 percent, no longer store their financial data on retail sites. And 29 percent said they are more careful about what they click on.
Changing passwords on social media occurred at a greater frequency, growing from 29 percent last year to 40 percent in the 2014 survey.
But while there has been marked improvement in this generation's awareness of security issues and willingness to modify behavior and follow better security practices to safeguard themselves, Millennials still make some missteps.
“They're more concerned about security, but they're still engaging in risky behavior,” Jeff Jacoby, program engineering director of Cybersecurity and Special Missions at Raytheon, told SCMagazine.com.
For instance, in the three months before being surveyed, 72 percent connected to public Wi-Fi without a password and 52 percent plugged into a USB device, such as a memory stick, that someone else gave them.
“Millennials are the cyber generation, so they've basically grown up in a connected world. The concerns that Millennials have for such risks as ID theft and malware infections are similar to the population as a whole,” Michael Kaiser, executive director of the NCSA, told SCMagazine.com in an interview. “They are expressing increasing desire to be to seek a career in protecting the Internet but aren't getting enough information about the trajectory for making that a reality.”
The survey showed that the group was more likely to be interested in a career in computer science rather than in medicine, politics or Wall Street. App developers drew the largest thumbs up at 35 percent while cybersecurity appealed to 25 percent of those surveyed. While nearly 40 percent claimed to have a greater interest in a career that would make the Internet safer than they did 12 months ago, they lack understanding of just what that might entail. Nearly two-thirds said they didn't know what the cybersecurity profession is.
“They're interested in working in the field of cybersecurity,” said Jacoby. “But they still want more information [because] they don't know what it means.”
The findings indicate that young people need greater exposure to security professionals, executives, educators, curricula and after school activities to prepare and educate them on cybersecurity careers as well as healthy and safe security practices. That's not to say that educators haven't made headway — 40 percent of the respondents said that a teacher, counselor or adult in an extracurricular program broached the ideas of a cybersecurity career. That's up from 18 percent in last year's survey.
To get young people interested, though, schools and the industry are going to have to up their game. A whopping 64 of those surveyed didn't have access to computer classes in high school — including computer science — needed to help build the cyber career skills.
"This is not to fault schools – they have enough on their plate and they themselves don't have the knowledge about this sector,” said Kaiser. “What this shows is an opportunity for cybersecurity businesses and community members to collaborate with educators on cybersecurity awareness programs, including cybersecurity as a career."
They need to be groomed early, too, according to Jacoby, who's a fan of awareness training and education at the K-12 levels.
Computer science curricula and awareness campaigns can be used to teach good online hygiene as well, which will have a rippling effect, according to Jacoby. “What we do as individuals has ramifications on national security,” he noted, praising Department of Homeland Security's Stop. Think. Connect. campaign, which Kaiser notes is “the first-ever coordinated message by NCSA and the APWG (Anti-Phishing Working Group) to help all digital citizens stay safer and more secure online.”