Gen Y Security Threat

Picture the kind of person you’d consider
a security problem, and what leaps to mind?
Chances are it’s the image of a young male who
thinks he’s pretty darn smart—the Kevin Mitnick
type. But it’s time for CIOs to focus their
security efforts on young men and women who
aren’t thinking smart. Will your security staff get
through to them before they inadvertently let a
real hacker get at your company data?

Now, it would be unfair and inaccurate to
say that Generations X and Y have a monopoly
on IT carelessness. A study on social networking
released in October by CA Inc., and the National
Cyber Security Alliance found that workers over
35 are more likely than younger people to—d’oh!—
post their phone numbers and addresses on social networking
sites or respond to
unsolicited e-mail. (Apparently
people do respond to
Viagra spam.) But there’s
enough evidence—besides
the pictures of young people
behaving badly splashed all
over these sites—that young
adults are less discrete than older workers.

Of the 2,163 adults surveyed by CA and the
NCSA, 51 percent of the under-35 crowd use these
sites at work—that’s 9 percent more than 35- to 54-
year-old workers and 28 percent more than workers
55 or older—and they tend to engage in riskier
behavior. Sixty-six percent download files from
others’ profiles “all the time” or “sometimes,” setting
themselves up to download Trojans, worms
and other headaches. They are also less likely to
close their profiles to anyone but friends—just 69
percent do that—leaving them open to more social
engineering scams, and leaving their work-related
postings accessible for anyone to see. So when 83
percent of the respondents to CIO Insight’s May
Security Survey say social networks, blogs and
wikis will increase their security risks, they know
whence they speak.

Another sign younger people aren’t as careful
as they should be: They are more likely to have
their identities stolen. Not to blame the victims—
save that for the scuzzy perpetrators of these
crimes—but it stands to reason that people who
take more precautions are less likely to be victimized
and vice versa. A 2007 study of 5,000 adults
by Javelin Strategy and Research found people 18
to 24 are at higher risk of ID fraud. “Victims in this
age group are less likely to use basic precautions,
such as shredding documents,
switching paper bills
and financial statements to
electronic versions or using
antivirus, anti-spyware software
or firewalls,” Javelin’s
report summary states.

“Members of this age group
were the most likely to fall
victim to fraud in the past
12 months, with an incident
rate of 5.3 percent.” And that’s understandable: To younger workers,
computers, digital cameras and the Web have
been toys and companions. But security experts
know they are double-edged swords that can
deliver nasty, self-administered wounds. Other
more experienced IT people know it, too. If CIOs
are to minimize careless online behavior—their
No. 1 concern, according to this year’s CIO Insight
Security Survey—it’s time they target younger
workers and find a way to get their security message
across loud and clear.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles