Millennials Pose Greatest IT Security Risk of Any Group, Survey Says


Millennials use unapproved apps, Generation X members ignore security policies and baby boomers get phished.

A majority of IT professionals believe millennials are most likely to put sensitive information at risk, but each generation poses different security threats, a recent survey says.

Fifty-five percent of more than 4,200 IT and IT security specialists view millennials as the greatest risk to confidential data. By comparison, a quarter of respondents said members of Generation X present the greatest liability, while 20 percent say it’s the baby boomers.

The recent study, conducted by Ponemon Institute and sponsored by Citrix, aims to shed light on global IT security risks and underscore the importance of advancing security policies to keep up with the constantly evolving cyber environment. In the survey, experts from a wide range of industries expressed their biggest IT security concerns and what challenges they face in improving existing systems.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

Though they believe millennials present the greatest overall security risk, respondents said older employees introduce their own set of hazards to the IT environment. Millennials are the most likely to use unapproved apps in the workplace, but Gen Xers tend not to heed company security policies, and baby boomers are significantly more susceptible to phishing and social engineering scams.

Respondents worried about a number of issues beyond human-factor liabilities, including potential risks resulting from the internet-connected devices and the outdated security systems that plague almost 70 percent of those surveyed. More than half the respondents said unifying a view of users across the organization was among their top IT goals, and roughly the same number sought to keep up with emerging cyberattack strategies.

More than three-quarters of respondents said using identity and access management tools and machine-learning technology were of the utmost importance in reducing security risks. Better staffing, improving technology and increasing funding within IT departments were cited as the top three ways businesses could improve their security posturing.