Gen Z excels at tech—but struggles with security awareness

Born into a world of smartphones and social media, Generation Z is often praised for being “digital natives.” But their comfort with technology may also expose organizations to new cybersecurity risks as this generation becomes a major part of the workforce.

Tech-savvy, but vulnerable

Gen Z has grown up online—using computers, tablets, and phones from early childhood—and that familiarity gives them an edge in digital workplaces. Yet, as Nick Kathmann, Chief Information Security Officer at LogicGate, notes, this fluency doesn’t necessarily translate into security awareness.

Research shows that while Gen Zers quickly adapt to new tools, including artificial intelligence, they are also more likely to fall for phishing scams than older generations. That mix of confidence and complacency makes them both valuable and vulnerable.

By 2030, Gen Z is projected to represent 30% of the U.S. workforce, making their digital habits an increasingly important factor in corporate risk profiles. “Smart, early-career employees are a company’s greatest asset,” Kathmann writes, “but it’s critical to understand and mitigate the risks each generation brings.”

Different habits, different risks

Every generation approaches technology differently. Gen Z’s relationship with cybersecurity is shaped by growing up in an era when data breaches were common news—a reality that may have desensitized them to online threats.

In the U.S., where banks and companies often quickly reimburse victims of fraud, many young people see hacking as an inconvenience rather than a catastrophe. This reduced sense of consequence can lead to riskier behavior online.

At the same time, Gen Z’s willingness to adopt new tools—especially AI—can boost productivity and innovation. But it also introduces new vulnerabilities if sensitive data is shared with third-party AI systems without strong governance in place.

Another key factor is how Gen Z works. They are a “phone-first” generation, often preferring mobile devices over desktops. That flexibility helps them stay productive anywhere, but it complicates security for IT teams, particularly in workplaces with bring-your-own-device (BYOD) policies.

Smarter security, less friction

Kathmann argues that managing generational risk starts with solid fundamentals. Cybersecurity training remains crucial—especially training that explains why policies exist, not just what to do. Gen Z, he says, tends to follow rules more readily when they understand the reasoning behind them.

Technical safeguards also matter. Measures like multifactor authentication (MFA), device verification, and passkeys can block many common attacks. Modern, biometrics-based MFA tools now make security nearly frictionless, reducing the temptation for users to bypass protections.

Adopting a zero-trust security model—where employees only access systems and data essential to their roles—can further limit damage from breaches. Combined with ongoing incident simulations and response exercises, these measures can ensure that organizations are prepared to act quickly when threats arise.

Turning risk into resilience

As Gen Z becomes a cornerstone of the workforce, companies have an opportunity to rethink how they balance security and usability. “Limiting risk is often more about will than skill,” Kathmann notes, urging leaders to use generational differences as a catalyst for better risk management.

By reducing friction, modernizing training, and embracing zero-trust principles, organizations can strengthen defenses across all age groups—while empowering digital natives to use their strengths responsibly and securely.

Nick Kathmann for Fortune (October 2025), LogicGate analysis.

This article is made and published by Asger Risom, who may have used AI in the preparation