Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Gen-Y professionals exposing workplaces to cyber-attack

December 2013 by ESET

Low cyber-threat awareness amongst Gen-Y professionals coupled with blasé attitudes towards cyber security are leaving organisations across the country exposed to attack and data leaks according to new research commissioned by Internet security company ESET. Thirty-eight percent of Gen-Y professionals, those aged 18 to 30 years old, are unaware of, or don’t believe, their company has an IT security policy, whilst a further 30 percent of those who are aware of the existence of an IT security policy do not know what it is. Half also believe it’s nearly always their organisation’s sole responsibility to ensure the safety of data.

In addition, young professionals showed a naivety towards the sensitivity of data and its value to cybercriminals. Almost a fifth believe an attacker would be able to do nothing with their company’s data if stolen or a device hacked, whilst only half believe hackers would be looking to sell their company’s data. Just over 50 per cent are also unaware that stolen data could be used against their company, and 70 per cent that hacked devices can be manipulated to make further future attacks. A complete lack of concern over the effects upon their company and its data if a work device is hacked, lost or stolen is also apparent in almost a third of young professionals.

Forty-four percent of young professionals have connected, or are unsure if they have connected, their own devices, potentially infected with malicious malware, to their company’s network. Forty-seven percent also use work devices for personal use, with one in ten lending these to people outside the organisation. The need to ensure only secure devices are allowed access to their company’s networks was also completely disregarded by a tenth of young professionals who admit they may have shared access to their company’s network with third parties.

Technical Director of ESET UK, Mark James, said: “Young professionals are the most tech savvy when it comes to personal brand, yet when it comes to transferring that same shrewdness to their business lives, they are arguably some of the most unreliable. This highlights a need for IT security teams to engage with younger employees in the creation of policies that suit the needs of both parties.”

“More likely to blur the boundaries between work and personal devices, Gen-Y are the early adopters of new technologies; often more blasé about security practises as they’ve been brought up experimenting with technology and sharing personal data via social media.”

18-24 year olds seemed even less engaged and more risk-prone than 25-30 year olds. The very youngest members of the workforce were more likely to lend work devices to friends or family, and three-times more likely to have intentionally shared non-guest access/passwords to their company’s network.

Mark James continued: “If younger workers are connecting their own devices to the network, one approach is for organisations to ensure they have appropriate personal security. This could be aided through choose-your-own-device policies which place more control back into the hands of the IT team. Employees accessing the network through their own devices are given a choice from a select set of products with adequate and regularly updated home security already installed on these devices”

The want to engage with IT security teams to develop policies is wanted by a large number of young professionals. Nationally, a quarter would like a voice in the development of their organisation’s policies towards IT security. However, attitudes do vary across the country. Only 11 percent of young professionals in East Anglia, and nine percent in Northern Ireland, would like more say in how their company develops its IT security policies, compared to nearly 40 percent in both Wales and the East Midlands.

Data points:

70%
are unaware that hacked devices can be manipulated to make further future attacks

52%
are unaware that stolen data could be used against their company

50%
believe it’s nearly always their organisation’s responsibility to ensure the safety of data.

49%
are unaware hackers would be looking to sell their company’s data

47%
use work devices for personal use

44%
of young professionals have connected, or are unsure if they have connected, their own devices, potentially infected with malicious malware, to their company’s network

38%
are unaware of, or don’t believe, their company has an IT security policy

29%
Indicate a complete lack of concern over the effects upon their company and its data if a work device is hacked, lost or stolen

30%
of those who are aware of the existence of an IT security policy do not know what it is

18%
believe an attacker wouldn’t be able to do anything with their company’s data if was stolen or a device hacked

10%
admit they may have shared access to their company’s network with third parties


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts