Isn’t it always the way that when you solve a problem another more difficult one takes its place?
In the security industry, the pace of change is staggering, and is also accelerating. During day two of Infosecurity 2014, a panel by the Analogies Project, also featuring Forrester, explored the lack of security awareness being displayed by the young generation, Generation Y.
The session revealed a number of studies proving that, on the whole, Gen Y worry less about IT security than generations immediately before them. This is based on their increased confidence with IT and a general assumption that technology should just… work… shouldn’t it?
Installing a new generation of tech enthusiasts who are not overly focused about security is a dangerous mix. It’s this kind of environment that was exposed by Ed Snowden, about whom there has also been a great deal of discussion so far.
According to Mikko Hypponen at F-Secure, the culture of whistleblowing has been created by companies failing to address the concerns of their employees. With Generation Y now entering the workforce, ignoring this any longer could have dire consequences.
As renowned security analyst Graham Cluley mentioned in another of the day’s sessions, there is no longer a typical profile of the cybercriminal.
Potential threats now come from anywhere, and everyone – meaning that communication with all members of staff is now a real requirement for IT. Channel 4 CISO Brian Brackenborough explained his company’s policy on this in some detail at the show.
So how do we go about engaging the new generation of worker? According to the panels, there were three key steps including:
- Be brief: provide small chunks of information over a longer period of time, making it easier for important data to be digested
- Be personal in all communications, acknowledging that everyone’s working behaviours are different
- Try to understand their motives – invest in education so that they come to understand the security requirements that may be taken for granted.
For further highlights of Infosecurity Europe day 2 – check out the video below.
What else did you spot during the show that deserves attention? Keep the discussion coming via #infosec14 on Twitter.