Home Security Millennials ‘greatest’ security risk to data in workplace: study

Millennials ‘greatest’ security risk to data in workplace: study

Millennials pose the greatest risk to sensitive and confidential data in the workplace, according to a new study which found that nearly three quarters (71%) of Australian security, IT and business professionals consider the growing number of millennials to be an increasing risk to the IT infrastructure.

According to a recent study by the Ponemon Institute and Citrix, millennials (1977 and 1992) bring to the workplace a growing number of mobile apps, devices and new methods of information sharing and collaboration that pose heightened security risks for businesses.

The study reveals that more than half (55%) of ANZ respondents consider millennials to pose the greatest risk to sensitive and confidential data in the workplace, compared with 26% for Gen X and 19% for Baby Boomers.

And alongside millennials posing the greatest risk of using unapproved apps or devices in the workplace (40%), each generation is also susceptible to different kinds of security vulnerabilities:

  •     30% said Gen Xers, born 1965-1980, were most likely to be negligent or careless when following organisational security policies.
  •     32% said Baby Boomers, born 1946-1964, are most susceptible to phishing and social engineering scams.

And Citrix says the situation is compounded by the fact that the average cost of a cyber attack to Australian businesses is about $622,000 and about three quarters of all Australian businesses have been attacked in the past year, with as many as one third being attacked in one month alone.

According to the study, the need to put in place a robust IT security infrastructure is coupled with security executives experiencing a lack of support and confidence in their ability to protect their organisation’s security.

“Australia has been on the receiving end of numerous cyber attacks, including a recent, high-profile stinging attack on the country’s Bureau of Meteorology. Cyber crime alone poses a real threat in Australia, with the Australian Crime Commission estimating the annual cost of cyber crime to Australia is over $1 billion in direct costs,” says Les Williamson, vice-president, APAC region, Citrix.

“With that in mind, it’s particularly concerning to see that ANZ security professionals don’t feel confident they can protect their organisations’ security, especially with the new working behaviours we’re seeing from millennial employees.”

According to Williamson, the modern workforce is more flexible and “traditional security approaches need to evolve to keep up especially with the stakes so high”.

“A more flexible IT security architecture must consider the needs of the workforce, including generational differences. It should extend beyond traditional fixed end-point security approaches so it delivers threat detection and protection of apps and data at all stages. Ultimately, we at Citrix want to provide a secure foundation for apps and data across any location, network and device so businesses can eliminate security threats and focus on their company and customers.”

To tackle new security risks within the workplace, 72% of ANZ respondents to the survey said a new IT security framework is needed to improve their security posture and reduce risk.

But, when it comes to this new key area of risk — the influx of new, unapproved apps and devices — ANZ professionals do not feel confident in their ability to defend their organisation, and when asked about their effectiveness in reducing the risk from these, 36% felt ineffective, compared with 30% globally.

The survey revealed that ANZ security execs also feel unsupported and lack confidence in their ability to defend their organisation’s security, even though the majority (88%) of Australian organisations invest more than $1 million in their information security budget.

As part of the study, respondents were asked to rate their effectiveness in six key areas of security protection.

In each category, ANZ professionals had less confidence in their ability than the global average, which is further supported by more than two thirds (69%) of ANZ respondents saying their senior leadership does not view cyber security as a strategic priority.

The six key areas of security protection are:

  •        Protecting sensitive apps and data at rest, in use and in motion: 33% of ANZ professionals felt ineffective, as opposed to 24% globally;
  •        Access control and multi-factor authentication solutions in protecting information on devices, servers or in the cloud: 39% of ANZ professionals rated on the lower end of the scale, compared with 28% globally;
  •        Reducing the risk from an influx of new, unapproved apps and devices: 36% in ANZ felt inefficient compared with 30% globally;
  •        Ensuring continuity and ongoing business operations when disruptions occur: 30% in ANZ compared with 23% globally; 
  •        Ensuring the availability and performance of traffic over any network: 14% of ANZ professionals felt ineffective, as opposed to 13% globally; and
  •        Reducing the risk of attacks such as DDoS, browser and ransomware: 24% in ANZ vs. 20% globally.

LEARN NBN TRICKS AND TRAPS WITH FREE NBN SURVIVAL GUIDE

Did you know: Key business communication services may not work on the NBN?

Would your office survive without a phone, fax or email?

Avoid disruption and despair for your business.

Learn the NBN tricks and traps with your FREE 10-page NBN Business Survival Guide

The NBN Business Survival Guide answers your key questions:

· When can I get NBN?
· Will my business phones work?
· Will fax & EFTPOS be affected?
· How much will NBN cost?
· When should I start preparing?

DOWNLOAD NOW!

Peter Dinham

Peter Dinham is a co-founder of iTWire and a 35-year veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).