Millennial Habits Threaten Federal IT Security

As security-conscious baby boomers retire, a survey of the growing millennial workforce reveals a new generation more likely to trade caution for digital productivity.

October 25, 2016

4 Min Read


AUSTIN, Texas, Oct. 25, 2016 -- Global cybersecurity leader Forcepoint™ today released the results of a survey identifying how members of the millennial generation use technology and revealing how these behaviors – if left unaddressed – can significantly jeopardize the security of the U.S. federal government's IT systems. The research shows quick action is needed to prevent a generational shift from upending federal agencies' current cybersecurity postures, as hundreds of thousands of baby boomers reach retirement eligibility in the next year.


Forcepoint's study details a range of attitudes and risky behaviors gathered from more than 670 survey respondents. Millennials' regular use of unprotected public Wi-Fi, sharing of passwords and a belief that cybersecurity is solely the IT department's responsibility present the most urgent security challenges for the government.


Millennial Habits
Millennials currently comprise about 25 percent of federal employees and are expected to represent nearly 75 percent of the workforce by 2025. While baby boomers are more cautious online, survey data shows that millennials (born between 1977 and 1994) are more likely to abandon caution for digital expediency. Federal cybersecurity officers today face a millennial workforce believing they are sufficiently educated and confident in security knowledge; yet the survey's data reveals many do not utilize safe behaviors when it comes to technology and the workplace. Among the alarming responses collected and examined in the survey's full results: many millennials acknowledged they use personal devices for both work and play, with nearly a quarter downloading company files and third party apps to personal devices to increase productivity without notifying IT. In addition, while millennials claim to understand and use strong passwords, they also revealed they frequently use the same password for multiple systems and apps and share them with others even after having personally experienced a breach.


Government Security Officers' Response
Placing millennials' responses in greater context, Forcepoint additionally surveyed a group of federal security officers individually interviewed on how they are adapting their cybersecurity efforts. Surveyed officials reported a wide array of observations and changes reflecting the millennial rise, including:

  • Officers say current changes primarily relate to flexible scheduling and accessing information on mobile devices; nothing new is being done specifically to address incoming millennials from a fundamental security protocol and control perspective

  • Federal organizations are largely making changes individually, agency by agency

  • These steps include re-tooling security awareness programs that emphasize secure productivity, to help employees recognize the dangerous trade-offs of circumventing policies and updating BYOD programs with tools allowing for greater visibility by monitoring applications' reach and data flows

"Beyond the security of the apps and devices employees bring to federal networks, agencies should also look at employee motivations, taking into account both productivity gains and potential security risks," said Forcepoint's Chief Strategy Officer and Federal Division President, Ed Hammersla. "The data resulting from the survey highlights important attitudes and risk factors that can help agencies adapt cybersecurity programs with millennials in mind, fully capitalizing on their creativity and energy while preventing them from becoming accidental insider threats."


About Forcepoint
Forcepoint's portfolio of products safeguards users, data and networks against the most determined adversaries, from accidental or malicious insider threats to outside attacks, across the entire threat lifecycle. Forcepoint protects data everywhere – in the cloud, on the road, in the office – simplifying compliance and enabling better decision-making and more efficient security. Forcepoint empowers organizations to concentrate on what's most important to them while automating routine security tasks. More than 20,000 organizations around the world rely on Forcepoint. Based in Austin, Texas, with worldwide sales, service, security laboratories and product development, Forcepoint is a joint venture of Raytheon Company and Vista Equity Partners. For more about Forcepoint, visit and follow us on Twitter at @ForcepointSec.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights