Decision Makers Point the Finger to Younger Employees When It Comes to Security Breaches. Are They Right?

Centrify, a company that offers solutions that secure enterprise identities against cyber threats, commissioned a study on the attitudes of the next generation workforce – workers aged between 18-24 years – in relation to cybersecurity.

The study was conducted by Censuswide, a company that specializes in surveys for the PR and media industries. It collected views from 1000 next-generation workers and 500 decision makers in UK organizations. The purpose was to gauge how security, privacy, and online behavior in the workplace impacts the lives of younger employees and the companies that they work for. For the purpose of this article, we will focus on the impact on the companies.

While some of the concerns raised by decision makers in the survey are perfectly legitimate, their reaction to employee behavior has been lacking. Here are some of the findings that might interest you:

More than a third of senior executives blame younger employees for data security breaches at the workplace, identifying them as the “main culprits”.

But the study also revealed that the senior executives do very little when it comes to allaying their own fears: Over a third of those younger employees are able to access any files on their company network; only one in five have to request permission to access specific files; and less than half have their access restricted to files that are relevant to their work.

Password sharing topped the list when it came to what keeps decision makers awake at night, with 56% of managers citing it as their main worry. While 15% of younger employees admitted to freely share passwords with colleagues, similar to the previous stat, another paradox lies in the fact that almost a third of younger workers (29%) said that they were left to decide for themselves when to change passwords. Only 40% of employers enforce a regular password change

One in five workers is indifferent to the effect their social media activity on their employers. 18% also admitted that their posts could compromise employers’ security and privacy policies. But only less than half (48%) say their company has social media guidelines in place.

40% of decision-makers are concerned about younger employees’ misuse of devices: 35% say they are too trusting of technology; 30% worry that they share company data too easily.

But in fact, only 1 in 10 of the 18-24-year-olds surveyed said that they’ve clicked on a suspicious link, and 7% admitted to removing information from the company. By contrast, compared to the younger workers, twice as many managers had clicked on suspicious links and twice as many had removed information from the company.

Finally, decision-makers also said the next generation of workers have a good awareness of the Dark Web, underground hacking, and crimeware, but only around half said that their company has strict guidelines in place that deal with such behaviors.