It’s time one again to ring the alarms about a dangerous group in our midst — not ISIL, but Millennials.
Also known as Generation Y, they are men and women roughly born in the early 1980s who would be in their 30s today. What makes them of interest are their responses to surveys indicating they are less worried than older colleagues about following corporate IT security rules and more interested in productivity, convenience or just having fun with their mobile devices.
Should CSOs be more wary of them among employees, or treat all staff the same — equally dangerous to the enterprise?
The latest attempt to get this comes from CSO Online, which interviewed or quoted a range of experts.
Andrew Avanessian, executive vice president of consultancy and technology solutions at Avecto, told a reporter that Millennials believe “everything should be instant – information and communication at the click of a button.” Given a security roadblock they’ll bypass the settings.
Millennials tend to trust technology more than they should, according to another security expert, who believes they are 99 per cent blind to the growing threatscape.”
But others cited say lots of people in other age groups willingly surrender their personally identifiable information on social media and other places. Information people put on LinkedIn “is way more valuable to a potential adversary than an Instagram shot of a Millennial’s brunch on a Sunday morning,” said one.
So what’s the answer? Focus awareness training on Millennials or everyone? “Fundamentally, data is exposed and vulnerable at the moment it is created, by default creating a requirement to protect and secure it whenever it is stored,” said Perry Dickau, director of product management at DataGravity. While training is also crucial, “it is just another piece in the overall security puzzle.
“Technology will only supplement the human element in any security, privacy, and compliance equation,” he said. “The two elements need each other to work successfully – one cannot replace the other.”