Feeds

Younger generation taking 'sledgehammer' to security

Digital natives v digital immigrants

Internet Security Threat Report 2014

RSA 2012 The new generation of "digital natives" coming into the workplace is going to blow apart existing security practices, Symantec's CEO Enrique Salem warns.

In his keynote speech on Tuesday at the RSA 2012 conference in San Francisco, Salem said that the current young generation, born in the 1990s, has a radically different approach to the internet and security than that of the older "digital immigrants" who built it.

"These digital natives are a freight train coming that will hit businesses like a sledgehammer," he warned. "They are the sledgehammer of change, and they're going to need to work with digital immigrants like you and me."

Salem said that the average US 21-year-old has sent over 250,000 emails, text messages, and IM sessions, has spent over 14,000 hours online, and doesn't accept information from a single source, but checks with his or her network instead. They use email rarely and have never known life without the internet. They even think differently, multitasking constantly in what he called "continuous partial attention."

Companies are going to have to get used to this, and should see productivity benefits, Salem said. But this style of working is going to need a dramatic reworking of traditional security practices, he warned, then proposed new ways to deal with the situation.

Authentication needs to be altered, he suggested, so that it is similar to single sign-on, but much more flexible for working across a variety of platforms. Security has to work on multiple devices, since digital natives take a "bring your own device" approach to hardware, and on multiple levels, so that it can incorporate new data such as location and online behavior.

The firewall will also need to be reinvented, he said, so that it not only watches what data comes into an organization, but also what data goes out. That data leaving via the cloud needs to be automatically tagged, since users can't be trusted to do it themselves, and clear cloud audit trails need to be set up and monitored. Finally, IT administrators need to be able to shut down access to information quickly when the native leaves the company.

Salem raised some good points, but he was short on solutions. He promised that Symantec would provide protection, but gave little indication as to how and why. No doubt details will be forthcoming, but he set himself a very high target. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.