Millennial IT professionals who have worked at a single employer for seven years or more pose the greatest internal risk to their company's security, according to a report.
Cloud IT firm Intermedia conducted a study of more than 2,000 office workers in the U.S. and U.K. and found IT professionals aged 18-34 years engage on average in the riskiest digital behaviors. Among this population, tenured employees – those who have been at the company for seven years or more – posed the greatest threat.
Ryan Barrett, vice president of security and privacy at Intermedia, told SCMagazine.com that professionals who have been around for the longest period of time are less nervous about making mistakes that would endanger the security of the organization. “They have more social capital at that stage,” Barrett said. “Mistakes are less tolerable when an IT professional is new at the company.”
Intermedia's 2015 Insider Risk Report found 37 percent of employees who have worked at their company for at least seven years admit to using hard copies to store their passwords. The report also found 42 percent of these employees use personal passwords for business applications.
Last month, a study conducted by Atomik Research found that millennial consumers are not confident in the security of their data. Barrett said this age group is “ripe for being trained,” but he said, “They don't want to be trained in the same boring way.”
In an attempt to make security awareness more interactive, his company holds an annual Hacktober event, modeled after Facebook's similar event in celebration of National Cyber Security Awareness month. Intermedia hack its own employees throughout October by sending phishing emails, leaving out USB sticks containing malware, and other activities.
“They find it far more engaging, interesting, and fun,” Barrett said.