The Generation Gap in Cybersecurity: Centrify Research Launch
Last night, EM360 was invited to Centrify's press launch on their research into Security, Privacy and the Next-Generation Workforce. We sent three millennials off to London's trendy Royal Hospital Club to determine whether the study revealed the “innermost thoughts of the next generation,” as intended.
From ‘Sex on the Breach' cocktails to a video brochure, it appeared that Centrify was endeavouring to bewilder its predominantly mature audience. Our office millennials felt right at home.
Centrify delivers Zero Trust Security through Next-Gen Access, and its model assumes that “users inside a network are no more trustworthy than those outside the network.” They interviewed 1,000 UK office workers aged 18-24 alongside 500 UK Senior Decision Makers, and both age groups had to spend at least 25% of their time in the office.
The study intended to discover how young workers perceive cybersecurity, and the impact of hacks and breaches on their lives. This data was then situated in conjunction with the concerns of senior decision makers - and the results are hardly surprising.
According to the study, 35% of decision makers believe that younger employees are mostly to blame for workplace data breaches, and 37% think that young workers are far too relaxed when it comes to security measures.
These concerns were somewhat overstated, however, and the research found that decision makers often fail to practice what they preach. Almost twice as many managers had clicked on a suspicious link compared to younger workers, which is somewhat paradoxical considering that managers saw malware as the single biggest security risk to their company.
The managerial hypocrisy didn't stop there. At 15%, twice as many managers had removed information from their organisation, and 14% had logged onto a risky website, compared to 7% of those in the next-generation workforce.
Nevertheless, younger workers illustrated an alarming disregard for password security. 14% of the respondents used the same password across personal and professional devices, but they also asserted that only 40% of their managers actually enforce a regular password change.
Next-generation workers are “tech-savvy, adventurous, and hooked on social media”, according to Centrify. 13% of young employees admitted to posting personal updates on social media at work, and 48% of senior executives were worried about how younger workers interact on these highly visible networks.
Social media was a weak spot for the next-generation workforce, and only 18% recognised that their posts had the potential to compromise company security. Despite this, one in five businesses are failing to provide younger workers with clear guidelines on basic security like use of workplace devices and data management.
35% of managers were worried that younger workers placed too much trust in technology, but it seems like the same anxious managers are failing to implement sufficient security measures.
Centrify recommends that decision makers can address these issues by putting technical controls in place, refining security policies, and communicating them effectively to employees. Centrify asserts that “the age gap has been a perennial theme for hundreds of years.” This research clearly highlights the disparity between senior executives and their successors, beyond their varying opinions on punny cocktails and futuristic video brochures.
The assumption that next-generation workers are the root cause of cybersecurity problems, however, is evidently false. If managers are able to demonstrate a commitment to security through their own policies and actions, then the next-generation workplace will be inclined to follow.