More than a third of senior executives believe that younger employees are the “main culprits” for data security breaches in the workplace according to a new independent study into attitudes of the next generation workforce about cybersecurity, commissioned by Centrify.

The study also reveals that these same decision makers are doing very little to allay their own fears, with more than a third of 18-24-year olds able to access any files on their company network and only one in five having to request permission to access specific files. Less than half (43%) have access only to the files that are relevant to their work.

The study, conducted by Censuswide, sought the views of 1,000 next generation workers (18-24 year olds) and 500 decision makers in UK organizations to discover how security, privacy and online behavior at work impacts the lives of younger employees and the companies that they work for.

While password sharing tops the list at 56 percent as to what keeps decision makers awake at night, 29 percent of younger workers reveal that they are in the driving seat when it comes to password changes with their employers leaving it to them to decide when they need a password change. Furthermore 15 percent of them admit to freely sharing passwords with colleagues.

Asked how younger employees could negatively impact the workplace, 47 percent of decision makers worry about them sharing social media posts and the impact these could have on brand and reputation. One in five workers are not bothered about how their social media activity might affect their employers – and 18 percent freely admit that their posts could compromise employers’ security and privacy policies. Less than half say their company has social media guidelines in place, highlighting the need for strong social media access controls that follow the principles of a ‘Zero Trust’ approach to security, which assumes that users inside a network are no more trustworthy than those outside the network.

The next generation of workers’ ‘always on’ approach to technology – with no experience of an off-line world – further reinforces the need for robust security policies. When it comes to this generation of workers, 40 percent of decision makers are concerned about their misuse of devices, while 35 percent say they are too trusting of technology and 30 percent worry they share company data too easily.

While 79 percent of decision makers report having a strong security policy in place and 74 percent of them think that their employees abide by it, over a third (37 percent) feel that young workers are too relaxed about security policies.

Decision makers also say the next generation of workers have a good awareness of the Dark Web (87 percent), underground hacking (79 percent) and crimeware (81 percent). Although around half (48 percent) say they have strict guidelines in place for employees accessing these new ‘dark arts’, 39 percent feel they could be better.