Upload
emc-corporation
View
573
Download
0
Embed Size (px)
DESCRIPTION
A CXO presention by Andrew Moloney, EMEA Marketing Director at RSA, The Security Division of EMC
Citation preview
Securing Generation “Y” ..and the businesses they are now being hired by…
Andrew MoloneyMarketing Director, EMEA
CXO DialogueNovember 23rd 2010
Introducing Generation Y
Key Findings in our Research
Impact of Consumer Driven IT
How Security Must Change
Generation “Y”* are now joining the workforce
*…also known as
the Millennial Generation, Generation Next
or Net Generation
Introducing Generation Y
Key Findings in our Research
Impact of Consumer Driven IT
How Security Must Change
Our Generation Y Research
n=1,000, ages 18-24
• employed full-time 25%
• employed part-time 37%
• unemployed 37%
Currently looking for a job 38%
Not currently looking for a job, 39%but I expect to begin looking within the next year
Not currently looking for a job, 24%nor do I plan to look for a job within the next year
Security aware, but easily lead and Socially “Promiscuous”
76% say most of their contemporaries willingly take chances with security in return for lower prices.
91% of young adults who use social networks list friends they don't know well.
• 88% are “friends” with an acquaintance
• 44% with someone they’ve met online but not in person• 44% with someone they’ve met online but not in person
• 33% with someone they’ve never met online or in person
37% of social networkers admit that their profile info on their social network profile is viewable by people outside their friends’ list
34% of social networkers admit that their photos, videos, and blogs are viewable by people outside their friends’ list
Source: Generation Y Online Security Survey: TRU Research; sponsored by RSA
Insecure online banking practices..
81% say they bank online
66% feel very safe sharing financial information online
However….
• 42% conduct online banking transactions from a public computer
• 53% use public Wi-Fi spots• 53% use public Wi-Fi spots
• 55% Never check their credit reports
• 76% select PIN numbers that will be easy to remember
• 32% never change their passwords
Source: Generation Y Online Security Survey: TRU Research; sponsored by RSA
Convenience trumps Safety..
76% agree it’s very important to change your online passwords/PIN numbers regularly.
55% are concerned that someone will figure out their passwords on password‐protected sites.
• Yet, 32% never change their passwords on email, social network sites, or banking sites.
‐
sites, or banking sites.
87% say it’s very important to use different or complex passwords for online accounts.
• Yet, 52% usually use the same password for all accounts, and 44% usually use the same PIN.
26% store their passwords on their computer/PDA so they won’t forget them.
Source: Generation Y Online Security Survey: TRU Research; sponsored by RSA
Reputational Risk for Employers?
77% are currently searching for a job or are about to begin job hunting
However…of the 96% that visit social networking sites:
• 56% Used curse words in online posts
• 37% Posted photos, videos, or comments online that include cigarettes, alcohol, or drugs
•cigarettes, alcohol, or drugs
• 26% Posted online comments that are sexual in nature
• 25% Posted embarrassing or compromising photos, videos, or comments online that they would not want viewed by a parent or employer
• 20% Found photos online that were posted without their knowledge
• 18% Were a victim of someone hacking into their email or social networking account
Introducing Generation Y
Key Findings in our Research
Impact of Consumer Driven IT
How Security Must Change
With devices affordable and pervasive, “digital natives” are creating personal infrastructures that extend into the workplace
20
30
23.2
During an average workday, how many hours would you
estimate that you spend using …?
Gen Y spends
That the sum of
hours spent using
devices at work
totals almost a full
calendar day
implies significant
multi-tasking and
10
PersonalComputer
7.07.8
8.5
PDA,BlackBerryor smart phone
1.11.7
4.0
Mobile phone
1.62.5
4.9
All devicesin survey
10.5
14.0
Baby boomer
Gen X
Gen Y
Base = 700 white
collar professionals
Gen Y spends
significantly more time
using mobile devices at
work
multi-tasking and
the
interchangeability
of the devices
Source: LexisNexis / WorldOne Research
Media accessed via these devices are nearly at full penetration among Gen-Y-ers, and enterprises are adopting them too
80
100% 97% 95% 93% 92% 90% 88%
75% 73%
Gen-Y: Are you a member of an online social network?
(Facebook, Bebo, MySpace, etc.)
Selected Countries
Penetration of Corporate Social
Networking
Social networking is part ofour business and operations
strategy30%
Our CEO is on Facebook 31%
20
40
60
Hon
gKon
gNet
herla
nds
Fran
ce
USA
Turk
ey
Chi
le
Braz
ilRus
sia
Sou
thAfri
ca
61%
Arg
entin
a
58%
Source: PricewaterhouseCoopers, Deloitte
We post corporate videoson YouTube
13%
Our CEO has a Twitterprofile
14%
We use social networkingfor recruiting purposes
23%
We utilize social networkingas a tool to manage and
build our brand29%
strategy
Consumerisation of IT, will shift power from the company to the individual – security strategy must evolve accordingly
Employees bring personal
technology to the workplace
–Companies are forced to embrace consumer technology, and find scalable ways to manage the
multiplicity of devices (BYOC, desktop virtualization, etc.)
–Companies are forced to develop policies and approaches for managing online risk pertaining to
confidential information, brand, etc.
Employees manage
reputation, personal brand,
job searches etc. online –
often via virtual identities
Source: Gartner, Forrester, Economist Intelligence Unit, EMC analysis
–Business takes ownership of online processes, end user devices and associated risk, with IT
providing guidance and tools
Businesses increasingly
leverage consumer
technologies for corporate
purposes
•• IT / CISO are no longer allIT / CISO are no longer all--knowing authoritiesknowing authorities
•• Some security vulnerabilities move from “forbidden” to “manageable”Some security vulnerabilities move from “forbidden” to “manageable”
•• Business takes responsibility for actions of employeesBusiness takes responsibility for actions of employees
Introducing Generation Y
Key Findings in our Research
Impact of Consumer Driven IT
How Security Must Change
Managing Risk and Threats
No clear visibility to
threats and exposures
Inability to adequately
address exposures Slow to respond
15
threats and exposures address exposures Slow to respond
The CSO’s Challenge: Can they answer?
Am I secure?
Am I compliant?
Where do I have gaps?
How do I prioritize?
Managing Security with Accelerating Threats, Evolving Technologies, New Business Models …
… is not easy
• Information growth
• Mobility, virtualization & cloud
• Evolving threat landscape
• Collaboration / Exchange
Agency Staff Privileged Users
Apps/DB StorageFS/CMSNetworkEndpointRemote Employees
Channels
VPN
Privileged Users Privileged Users Privileged Users
-BusinessAnalytics
-ElectronicHealth Records
-Replica
-BackupDisk
-Backup Tape
-SharePointRoom, etc.
-File Server
-DiskArrays
-ProductionDatabase
-Physicians
-Clinical
Users
Endpoint
theft/loss
Network Leak
Email-IM-HTTP-
FTP-etc.
Privileged
User Breach
Inappropriate
Access
Tapes lost or
stolen
Data LeakPublic
Infrastructure
Access Hack
Unintentional
Distribution
(Semi)
Trusted User
Misuse
Discarded
disk exploited
-Patients
Partner Entry Points
Partners
Channels
Customers
Channels
Partner Entry Points
Point ToolPolicy
Team
Traditional Approach
Point ToolPolicy
Team
Point ToolPolicy
Team
Network Endpoint Applications
Fragmented Inflexible Inconsistent Costly
Security Trends -The World Has Changed
The image cannot be displayed. Your computer may not have enough memory to open the image, or the image may have been corrupted. Restart your computer, and then open the file again. If the red x still appears, you may have to delete the image and then insert it again.
Perimeter
The image cannot be displayed. Your computer may not have enough memory to open the image, or the image may have been corrupted. Restart your computer, and then open the file again. If the red x still appears, you may have to delete the image and then insert it again.
Static
The image cannot be displayed. Your computer may not have enough memory to open the image, or the image may have been corrupted. Restart your computer, and then open the file again. If the red x still appears, you may have to delete the image and then insert it again.
Transactional
The image cannot be displayed. Your computer may not have enough memory to open the image, or the image may have been corrupted. Restart your computer, and then open the file again. If the red x still appears, you may have to delete the image and then insert it again.
Dynamic
History(Outside–In)
Today / Future(Outside–In + Inside-Out)
The image cannot be displayed. Your computer may not have enough memory to open the image, or the image may have been corrupted. Restart your computer, and then open the file again. If the red x still appears, you may have to delete the image and then insert it again.
Point Products
The image cannot be displayed. Your computer may not have enough memory to open the image, or the image may have been corrupted. Restart your computer, and then open the file again. If the red x still appears, you may have to delete the image and then insert it again.
Bolt On
The image cannot be displayed. Your computer may not have enough memory to open the image, or the image may have been corrupted. Restart your computer, and then open the file again. If the red x still appears, you may have to delete the image and then insert it again.
Intrusion Detection
The image cannot be displayed. Your computer may not have enough memory to open the image, or the image may have been corrupted. Restart your computer, and then open the file again. If the red x still appears, you may have to delete the image and then insert it again.
Visible
The image cannot be displayed. Your computer may not have enough memory to open the image, or the image may have been corrupted. Restart your computer, and then open the file again. If the red x still appears, you may have to delete the image and then insert it again.
Ecosystem Solutions
The image cannot be displayed. Your computer may not have enough memory to open the image, or the image may have been corrupted. Restart your computer, and then open the file again. If the red x still appears, you may have to delete the image and then insert it again.
Embedded
The image cannot be displayed. Your computer may not have enough memory to open the image, or the image may have been corrupted. Restart your computer, and then open the file again. If the red x still appears, you may have to delete the image and then insert it again.
Content Oriented
The image cannot be displayed. Your computer may not have enough memory to open the image, or the image may have been corrupted. Restart your computer, and then open the file again. If the red x still appears, you may have to delete the image and then insert it again.
Seamless / Transparent
Summary
As Generation Y join the workforce, the means by which we secure, not only them, but our enterprises must adapt accordingly
Static, perimeter centric controls will be insufficient in a socially connected, consumer driven, virtualised, cloud based environmentbased environment
Security must evolve to be;
• Risk based
• Information Centric
• Adaptive
• Intelligent