<< Back to article Print this page Loading page, please wait...

Millenials – are they the greatest hidden security threat?

By Les Williamson, Area Vice President, Sales & Services, Citrix A/NZ

Les Williamson (CSO Online)
10 August, 2017 09:09

With Australian businesses reporting over 114,000 incidents of cybercrime since 2014, 20 per cent of which have occurred in the past six months alone it is clear that the country is facing a very real and increasing threat, and is at risk of falling victim to major security incidents.

With incidents increasing in severity and frequency, impacting both the public and private sectors, the government has placed cyber-security at the top of the agenda. It is therefore key that organisations are proactive and consider all possible risk factors to protect their critical data, and offset the substantial finance implications of this disruption.

Millennials in the workplace

Recent research undertaken by Ponemon Institute and Citrix has highlighted some of the factors that are posing a risk to even the most robust of IT infrastructure; one interesting aside, was the increasing number of Millennials in the workplace.

The modern workforce is composed of three different generations and each has different views on information sharing, collaboration, technology, and the role security plays in each.

The Millennial generation is well educated, forward thinking and digitally literate – and will likely account for 54 per cent of the Australian population by 2030, rising up the employment ranks as Baby Boomers reach retirement age. In the Ponemon and Citrix study, 71 per cent of security, IT and business professionals from Australia and New Zealand consider the growing number of Millennials in the workplace to be an increasing risk due to a set of common behaviours and habits.

Often trading security caution for quick digital wins and convenience, Millennials are more likely to engage in risky behaviour, such as using personal devices to access work files (e.g. BYOD), using similar passwords across various uses and evading workplace security controls. As a result, over half (55 per cent) of ANZ respondents consider Millennials to pose the greatest risk to sensitive and confidential data in the workplace, compared with 26 per cent for Gen X and 19 per cent for Baby Boomers.

The blame cannot be fully placed on Millennials however, as the study shows that other generations are also susceptible to different kinds of security vulnerabilities:

30 per cent said Gen Xers, born 1965-1980, were most likely to be negligent or careless when following organisational security policies
32 per cent said Baby Boomers, born 1946-1964, are most susceptible to phishing and social engineering scams

A/NZ executives feel ‘ineffective’ in reducing these cyber security risks

When it comes to dealing with these new security risks within the workplace, A/NZ professionals do not feel confident in their ability to defend their organisation. When asked about their effectiveness in reducing the risk from these, 36 per cent of survey respondents felt ineffective, compared with 30 per cent globally – a worrying statistic in the current climate.

To tackle these new and emerging security risks within the workplace, nearly three quarters (72 per cent) of A/NZ respondents said a new IT security framework is needed to improve their security posture and reduce risk. However, AN/Z security executives also feel unsupported and lack confidence in their ability to defend their organisation’s security, even though the majority (88 per cent) of Australian organisations invest more than $1 million (US) in their information security budget.

Working towards a secure and flexible workplace

It is clear that a more flexible security architecture is needed that considers the needs of individual employees, including these generational differences, rather than treating a workforce as one group of homogenous beings. It should extend beyond traditional fixed end-point security approaches so it delivers threat detection and protection of apps and data at all stages. With the stakes so high, ultimately, we at Citrix want to provide a secure foundation for the delivery of apps and data across any location, network and device so businesses can focus on their company and customers. If you are interested in reading more about the Citrix and Ponemon Institute research, you can find the full whitepaper here.

Survey Methodology

The report conducted by the Ponemon Institute and sponsored by Citrix, The Need for a New IT Security Architecture: Global Study, looked at global trends in IT security risks and reasons why security practices and policies need to evolve in order to handle threats from disruptive technologies, cybercrime and compliance mandates. The research features insights from more than 4,200 IT and IT security practitioners in Australia/New Zealand, Brazil, Canada, China, Germany, France, India, Japan, Korea, Mexico, Netherlands, United Arab Emirates, United Kingdom and the United States.

Supplementary Information

As part of the study, respondents were asked to rate their effectiveness in six key areas of security protection. In each category, ANZ professionals had less confidence in their ability than the global average, which is further supported by more than two thirds (69 per cent) of ANZ respondents saying their senior leadership does not view cybersecurity as a strategic priority.

The six key areas of security protection are:

Protecting sensitive apps and data at rest, in use and in motion: 33 per cent of ANZ professionals felt ineffective, as opposed to 24 per cent globally
Access control and multi-factor authentication solutions in protecting information on devices, servers or in the cloud: 39 per cent of ANZ professionals rated on the lower end of the scale, compared with 28 per cent globally.
Reducing the risk from an influx of new, unapproved apps and devices: 36 per cent in ANZ felt inefficient compared with 30 per cent globally
Ensuring continuity and ongoing business operations when disruptions occur: 30 per cent in ANZ compared with 23 per cent globally
Ensuring the availability and performance of traffic over any network: 14 per cent of ANZ professionals felt ineffective, as opposed to 13 per cent globally
Reducing the risk of attacks such as DDoS, browser and ransomware: 24 per cent in ANZ vs. 20 per cent globally

Related Links

Study Results: The Need for a New IT Security Architecture: Global Study on the Risk of Outdated Technologies
Citrix CTO Blog: The Need For A New IT Security Architecture: Global Study On The Risk Of Outdated Technologies by Christian Reilly
Infographic: Out with the old, in with the new
Citrix CSO Blog: Ninety-nine Problems and Security is the Biggest One by Stan Black
Behold! The IT Archeological Dig Yes, Complexity is the Enemy of Security by Florin Lazurca
Citrix.com/secure

Follow Citrix

Facebook.com/Citrix
Twitter: @Citrix

About Citrix

Citrix (NASDAQ:CTXS) aims to power a world where people, organizations and things are securely connected and accessible to make the extraordinary possible. We help customers reimagine the future of work by providing the most comprehensive secure digital workspace that unifies the apps, data and services people need to be productive, and simplifies IT’s ability to adopt and manage complex cloud environments. Citrix solutions are in use by more than 400,000 organizations including 99 percent of the Fortune 100 and 98 percent of the Fortune 500.