While this generation is familiar with technology, it often takes security for granted, a new study finds.
John Breeden II is an award-winning journalist and reviewer with over 20 years of experience covering technology and government. He is currently the CEO of the Tech Writers Bureau, a group that creates technological thought leadership content for organizations of all sizes. Twitter: @LabGuys
Almost every industry outside of high-tech is grappling with the problem of an aging workforce. The baby boomer generation is now aged between 51 and 69, with most of them either thinking about retiring or having already left the workforce.
But things are changing fast, with millennials, defined as those between 18 and 34 in 2015, already making up the bulk of the workforce in the United States. By 2025, they are expected to encompass 75 percent of all workers across the board.
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
The federal government may acutely feel this change in the coming years. Looking at a couple federal agencies finds they are primed for a millennial takeover. The Health and Human Services Department still employs 40,165 baby boomers compared with 11,657 millennials. However, 6,379 boomers are up for retirement, with more on the way. At the IRS, it’s 47,519 boomers compared with 11,140 millennials, with 5,448 older employees ready to retire.
But what will this change mean?
One might expect that having millennials take over the reins of government would not cause any cybersecurity or IT-related problems. After all, millennials grew up and embraced the technology we all use today and are wholly more familiar with it than boomers, who had to learn those skills later in life.
And yes, while there are many good aspects of millennials working in government, there are also some potentially troubling issues on the horizon. The biggest concern, according to a new study conducted by the cybersecurity firm Forcepoint, is that while millennials are familiar with technology, they often take security for granted, or at least rank expediency and convenience much higher than safe computing practices.
I talked with Forcepoint Chief Strategy Officer Edward Hammersla about the new study and the hidden millennial landmines the federal government may soon encounter.
“The idea behind this study was we started noticing, in the media, how different the millennial generation is,” Hammersla said. “[We looked at] government jobs where people tend to stay longer within their job, and it got pretty interesting. One of the more compelling facts to me was that over 30 percent of the government IT workforce is eligible for retirement.”
And once millennials fill those jobs, the first landmine government will likely encounter is with social media. Forcepoint’s survey found over 60 percent of millennials would not accept a job unless they were allowed unrestricted access to social media platforms, meaning some agencies may need to loosen their policies just to fill vacant positions. Many private companies have no problem doing this in order to tap into millennials’ talents and skill sets, but that may require a culture change for government.
“Some of the commercial companies we talk with, the big ones in Silicon Valley like Google and Facebook, cite numbers upwards of 67 percent of millennials who don’t even use the corporate network,” Hammersla said. “They do all of their work on social media and cloud-based services, cloud apps and that sort of thing. I don’t think that is a bad thing, if it’s handled right.”
But that is only part of the problem.
The study also showed although millennials understood technology, many of them took security for granted. If federal agencies suddenly begin onboarding large numbers of millennials without additional planning, they could end up facing a deluge of new security problems.
“Millennials use different behaviors that older computer folks find risky,” Hammersla said. “Millennials typically use the same password across multiple systems. More than a third said they share their password with others. There is a sharing culture among millennials that pervades their thoughts and actions that wasn’t there during the typical baby boomer generation.”
The survey put the exact number of millennials who use the same password across multiple devices at 42 percent. Even more troubling is the fact the nearly three-quarters of millennials understood what a strong password was, but only about a third used them.
Baby boomers by contrast polled at just over half in terms of using a strong password, likely because that security mindset was drilled into them as they were learning the technology.
Some of the other troubling trends the study revealed includes:
- 70 percent of millennials don’t worry about connecting to unsecured Wi-Fi;
- 34 percent have used personal devices to access work systems after hours;
- 45 percent have had no formal security training;
- 54 percent are more concerned with internet speed over security;
- and 16 percent believe security is the sole job of IT and that they bear no responsibility to keep their employer safe.
“[Millennials] need less technology training, so you can pretty much hand them any device and they can use it,” Hammersla said. “But if the device has classified data on it, then their tendencies need to be considered to ensure proper security measures are in place. The general consensus is that training, organization and visibility are the answer, and I think that was one of the points of this study, to find those facts and not rely on gut feelings.”
Ultimately, it may take some compromise by both millennials and government, and somewhat of a culture shift, to create a new federal workplace that balances the use of pervasive, accessible technology with reasonable security precautions.