Blog
Younger Workers: Security Is a ‘Hindrance’
A new study from HP Wolf Security reveals that cybersecurity teams are meeting a lot of resistance as organizations adjust to a hybrid work model.
The hybrid model blends work-from-home (WFH) with in-office policies, requiring cybersecurity teams to implement security measures for both. But their efforts aren’t always appreciated. Resistance to security measures is especially strong in the 18-24 age group, which appears to prioritize efficiency over security. Nearly half (48%) of respondents in the study, titled Rejections & Rebellions , said security policies are a hindrance and waste time.
More than half (54%) are more worried about deadlines than potential exposure to security breaches, and 39% weren’t even sure what their companies’ security policies cover. The survey also found that 31% of respondents in the 18-24 age bracket had attempted to circumvent security measures.
“If security is too cumbersome and weighs people down, then people will find a way around it,” Ian Pratt, HP’s global head of security for personal systems, said on the HP Wolf Security blog .
“Instead, security should fit as much as possible into existing working patterns and flows, with technology that is unobtrusive, secure-by-design and user-intuitive.”
Pressure on IT Teams
The hybrid model has created challenges for cybersecurity workers. The overwhelming majority of IT teams participating in the study (91%) said they have “felt pressure to compromise security for business continuity.”
As a result of updating security policies to accommodate WFH employees, 80% of IT teams have experienced pushback from users. In addition, 80% said security has become a “thankless task,” and 69% said they are made to feel like bad guys for implementing security restrictions.
These findings may be a reason for concern for employers. Currently, there is a worldwide shortage of 3.1 million cybersecurity workers. That gap could well widen if current cybersecurity workers become discouraged and look for employment elsewhere.
The study also revealed concerns among IT teams that the rush to set up remote environments during the pandemic was detrimental to security. About three quarters of IT teams (76%) said security took a back seat to continuity, and 83% said they believe WFH is a “ticking time bomb” for a network breach.
Better Engagement
To address the rift between employees and cybersecurity teams, HP Wolf Security said the latter need to communicate better. While CISOs have succeeded in “driving cybersecurity higher up the boardroom agenda,” they need to engage all areas of the business.
“Clear, compelling communication and engaging training and education will be key to building a more collaborative security culture,” the study said. “Simple adjustments such as providing the rationale behind a security decision or moving away from one-way instruction to seeking user input before deploying new policies will significantly change how they are received. By building collaborative security partnerships across the workforce, cybersecurity will start to become a cultural cornerstone.”