Global Study Shows Millennials and GDPR are Driving the Need for a New IT Security Framework

Citrix Red Bull

55 percent of respondents believe Millennial employees may pose the biggest security risk, says IT survey from Citrix and The Ponemon Institute.

According to a recent survey by the Ponemon Institute and Citrix, there are two major IT security risks that enterprises need to prepare for Millennials and the impending General Data Protection Regulations (GDPR). The global study of more than 4,000 IT, security, and business professionals found that Millennials bring a growing number of mobile apps, devices and new methods of information sharing and collaboration that pose new security risks for businesses. The study also found that most enterprises are skeptical of their ability to meet the stringent security and compliance requirements of the proposed GDPR.

Generational differences increase security risk

The modern workforce is composed of three different generations and each has different views on information sharing, collaboration, technology, and the role security plays in each. The global study shows that each generation is also susceptible to different kinds of security vulnerabilities:

  • 55% of security and business respondents said that Millennials, born 1981-1997, pose the greatest riskĀ of circumventing IT security policies and using unapproved apps in the workplace.
  • 33% said Baby Boomers, born 1946-1964, are most susceptible to phishing and social engineering scams.
  • 32% said Gen Xers, born 1965-1980, were most likely to circumvent security policies and use unapproved apps and devices in the workplace.

Regulations are forcing more security requirements

With the GDPR set to go into effect May 2018, the European Union (EU) has taken a step toward protecting business information and employee data as workers traverse digital and physical borders around the world. GDPR will impact businesses worldwide, including any organizations inside and outside the EU that share data or sell products or services in the region. As businesses prepare, a few hurdles need to be overcome. The study from Citrix and the Ponemon Institute found that 67% of global business respondents are aware of GDPR, but only about half have started to prepare for these new regulations. The most significant barriers are:

  • Companies who do business in Europe need to adapt: 74% of respondents say GDPR will have a significant and negative impact on business operations. 65% are worried about the new penalties of up to 100 million euros or 2 to 4 %of annual worldwide revenue.
  • Technologies need to protect all information, everywhere: 52% of respondents do not feel that their security infrastructure facilitates compliance and regulatory enforcement with a centralized approach to controlling, monitoring and reporting of data.
  • Thinking globally: 53% are concerned with the increased global effects GDPR will bring, impacting more businesses, including many outside the EU.

Breaking down the barriers

Citrix CSO Stan Black and CMO Tim Minahan offer advice on how organizations can implement the right infrastructure for their business.