SlideShare una empresa de Scribd logo

SECURITY OF THE DIGITAL NATIVES - English version

Descargar como PPT, PDF
Tech and Law Center
Tech and Law Center

The project sets out to study the level of awareness and perception of IT security amongst university students, paying particular attention to the world of mobile devices. The report analyses the answers given by 1012 students from over 15 Italian universities to a multiple-choice questionnaire. The analysis shows that students’ perception of their knowledge is generally wrong and that they are unaware of the risks arising from their behaviour. In view of these risks, a proposal has been made to implement technical and legal measures to reduce future problems deriving from faulty or lax adoption of security measures on their mobile devices.

Tecnología
1 de 41
1 SECURITY OF THE DIGITAL NATIVES
2 Security of The Digital Natives Aim of the study The goal of this survey is twofold: on the one hand the focus is on the awareness and knowledge of the university students trying to understand what is their perception of security compared to their actual knowledge; on the other hand we focus on outlining the threat landscape on the basis of their habits, on the way they use their mobile devices, on the type of data they store and on the operations they perform.
3 Security of The Digital Natives Who we are Tech and Law Center is an interdisciplinary center promoted by a research group composed of members from Università di Milano, Università di Milano–Bicocca, Università dell’Insubria and Politecnico di Milano. The center projects and events address digital technologies and their interaction with law and society.
4 Security of The Digital Natives The research team Giuseppe Vaciago Tech and Law Executive Committee Francesca Bosco Tech and Law Executive Committee Valeria Ferraris Researcher Pasquale Stirparo Tech and Law Fellow
5 Security of The Digital Natives The research team Stefano Zanero Tech and Law Executive Committee Pierluigi Perri Researcher Davide Ariu Tech and Law Fellow Brikena Memaj Tech and Law Member
6 Security of The Digital Natives Giuseppe Vaciago has been a lawyer of the Milan Bar since 2002 and for the last 10 years his primary focus has been IT Law with a focus on cyber crime. He has assisted many national and international IT companies. He is the author of many publications on cybercrime, including both scientific journals and textbooks, which have been adopted by the University where he teaches. Academically, he received his PhD on Digital Forensics from Università di Milano and he is a lecturer at Insubria University (Varese and Como) where he holds a course on IT law. He has also delivered many lectures and presentations in both Italy and abroad. He attended Fordham Law School and Stanford Law School as a Visiting Scholar to expand his studies in his own particular research area He is member of the executive committee of Tech and Law Center and fellow at the Nexa Center and at the Cybercrime Institute of Koln. Twitter: @giuseppevaciago Lawyer at Milan and Professor of IT Law Partner at R&P Legal Giuseppe Vaciago Giuseppe Vaciago
7 Security of The Digital Natives Francesca Bosco earned a law degree in International Law and joined UNICRI in 2006 as a member of the Emerging Crimes Unit. In her role in this organization Ms. Bosco is responsible for cybercrime prevention projects, and in conjunction with key strategic partners, has developed new methodologies and strategies for researching and countering computer related crimes. More recently, Francesca is researching and developing technical assistance and capacity building programs to counter the involvement of organized crime in cybercrime, as well as on the legal implications and future scenarios of cyberterrorism and cyber war. Furthermore, she is researching and managing projects on hate speech online and on data protection issues related to automated profiling. Francesca is one of the founder of the Tech and Law Center, she is in the Advisory Board of the Koln Cybercrime Institute and she is currently a PhD candidate at the University of Milan. Twitter: @francibosco UNICRI Project Officer and PhD student at Università di Milano Bicocca Francesca Bosco Francesca Bosco
8 Security of The Digital Natives Pasquale Stirparo is Digital Forensics Engineer and founder of SefirTech, a company focusing on Mobile Security, Digital Forensics and Incident Response. Prior to found SefirTech, Pasquale was working at the Joint Research Centre (JRC) of European Commission as Digital Forensics and Mobile Security Researcher, with particular interest on the security and privacy issues related to mobile devices communication protocols, mobile malware and cybercrime. He has also been involved in the development of the standard “ISO/IEC 27037: Guidelines for identification, collection and/or acquisition and preservation of digital evidence”, for which he led the WG ISO27037 for the Italian National Body in 2010. Author of many scientific publications, he has also been invited as speaker to several national and international conferences and seminars on Digital Forensics and lecturer on the same subject for Politecnico di Milano and United Nations (UNICRI). Pasquale is Ph.D. candidate at the Royal Institute of Technology (KTH) of Stockholm, holds a MSc in Computer Engineering from Politecnico di Torino and he’s certified GCFA, OPST, OWSE, ECCE. Twitter: @pstirparo Digital Forensics Engineer, Founder at SefirTech Ph.D. candidate at Royal Institute of Technology (KTH) Stockholm. Pasquale Stirparo Pasquale Stirparo
9 Security of The Digital Natives Chapters of the report LEGAL AND POLICY MAKING CONSIDERATIONS ANALYSIS OF THE QUESTIONNAIRES CONCLUSIONS AND RECOMMENDATIONS TECHNICAL CONSIDERATIONS
Analysis of the questionnaires
11 Security of The Digital Natives The survey was carried out using a questionnaire containing 60 multiple-choice questions divided into sections related to the different aspects of the issue: practice patterns for smartphones, tablets and laptops; approach to the various networks; and, for all the applications on the devices, the use of passwords, the perceptions of the security risks, and the general interest in and knowledge of the topic. The target population was university students. The administration of the questionnaire was carried out anonymously through the platform “Google Form” from September to November 2013 and it involved over 15 Italian Universities. 1012 questionnaires were collected. These presented responses from a wide range of geographic areas and degree choices (with a good mix of students from both the sciences and the humanities). Methodological remarks
12 Security of The Digital Natives This group represents the 38,3%. This group represents the 24%. This group represents the 37,4 %. Light users Medium users Heavy users Users Groups The statistical technique helped in identifying 3 well-diversified groups, each one presenting homogeneous characteristics useful to define 3 users’ profiles
13 Security of The Digital Natives The sample: gender and study Communication Science 8,9 % Law 29,6% Other Faculties 22,2% Computer science and engineering 39,3 % Smartphones and tablet users are 58% male and 42% female, in line with male higher presence in IT studies.
14 Security of The Digital Natives The use of mobile devices Some preliminary questions aimed at understanding how students use their mobile devices and what they save on the devices. . take photos and videos with their smartphones and tablets 70 % they store personal passwords on their devices. 27,7 % they save contacts/photos and videos 97 % 75 % “always or often” make phone calls, receive text messages/e-mails; browse the web; use Skype, social apps
15 Security of The Digital Natives The knowledge and fear of risksHow worried they are about the security of their mobile devices 33,4% 5,6% 53% 8%
16 Security of The Digital Natives The knowledge and fear of risksHow secure they feel when doing these activities with their mobile devices
17 Security of The Digital Natives Protect mobile devices with PIN number 28,8 %Protect mobile devices with pattern lock 23,9 % Protect mobile devices with password/passphrase 6,6 %Protect mobile devices with biometrics (e.g.voice recognition) 0,6 % The password use and management and the technologies to protect mobile devices
18 Security of The Digital Natives Technical solutions to protect data in mobile devices 20% of the students do not know what these solutions are and another 20% do not use them. Among the systems used:
19 Security of The Digital Natives Final question on self assessment How they assess their knowledge on mobile security (%)
Legal and policy making considerations
21 Security of The Digital Natives Students pay absolutely no attention at all to the password relevant security requirements and they simply use the predictable password Students installs software and applications from unauthorized stores or without giving importance at right of access Mobile device is passed on to someone else, in particular where they are sold as second hand or lent to someone. PASSWORD APPS SHARING Results of the survey and possible scenarios
22 Security of The Digital Natives of students interviewed save, on their device, pins and passwords used for private services 1 27 % Results of the survey and possible scenarios of students interviewed do not log out after using a service online 40 % of students interviewed very rarely or never check the type of permissions required when downloading an app 53 % of students interviewed use open Wi-Fi systems to connect to the Internet on their mobile device using all types of functions 41%
23 Security of The Digital Natives of students interviewed do not use a password to protect their mobile device 40% of students interviewed said that, when asked to change their password, the new password that they create takes the form of a minor variation on the previous one 41% is currently using two-factors authentication 5% Password is tiring... It follows that one of the most critical issues to be tackled in the IT field is the fact that users need to be persuaded to use a password that can actually operate to protect their data. Our research in fact revealed that
24 Security of The Digital Natives Identity Theft – A fragmented scenario 1.Lack of specific legislation on ID Theft 2.Lack of National reporting System on ID Theft 3.Different Penalties from Country to Country Comparative Study on Legislative and Non Legislative Measures to Combat Identity Theft and Identity Related Crime: Final Report”, RAND Europe, June 2011.
25 Security of The Digital Natives Identity Theft 1.Introduction of an ad hoc Legislation 2.Reinforcement of the collaboration between national investigative bodies via an EU contact Network • Centralized reporting system on EU Basis A good example: CONSAP Project on ID Theft for the following project: Financial, TELCO and Insurance (Legislative decree 64/11)
26 Security of The Digital Natives The Italian Data Protection Authority focus attention on the correct use of mobile devices with its 'Fatti smart!' ['Be Smart!'] campaign ENISA organize in the next months a cybersecurity championship where university students compete on Network Information Security Challenge Cybersecurity Campaign Initiative
27 Security of The Digital Natives Security v. Usability 54.5% of the students go onto sites that require authentication via Google or Facebook. This confirms the extent to which usability is a determining factor in terms of the level of trust that a user places in an online service. Usability is the central issue to increase the levels of security of the mobile device
28 Security of The Digital Natives 1.D. Solove: “Schools are gathering and sharing a mammoth amount of personal data” 2.There is no a clear Security policy for mobile devices in the Italian University 3.Not only the students, but also the Professor are not always aware of cybersecurity risks D. Solove, 5 Things School Officials Must Know About Privacy The Regulation of Mobile Devices in Universities In certain American universities security standards (e.g. HIPAA) are imposed for mobile devices owned by students and university staff (Bring Your Own Device- BYOD) in order to verify their security levels (use of anti-virus software, updates to the operating system and encryption systems)
29 Security of The Digital Natives Awareness Responsibility Response Ethics Democracy Risk assessment Proposed Solutions and Initiatives Security design and implementation Security management Reassessment
Technical Considerations
31 Security of The Digital Natives When asked to evaluate their knowledge of mobile security issues, on a scale from 1 to 10, a significantly high percentage of the respondents (55%) graded themselves between 6 and 8. This, however, contrasts with the average percentage of “correct” technical answers of the questionnaire, which was 29%. This discrepancy between perceived knowledge and actual knowledge conveyed through answers to technical questions, was confirmed by the different levels of confidence at the beginning and at the end of the survey. After going through the security questions in the survey, the confidence of university students on their level knowledge falls from 82% of respondents evaluating their confidence above 6 before the survey, to 66% at the end. The possibility of a potential bias induced by the Dunning-Kruger effect should be taken into consideration, which is a cognitive bias in which unskilled individuals suffer from illusory superiority, mistakenly rating their ability much higher than is accurate. This bias is attributed to a metacognitive inability of the unskilled to recognize their ineptitude. Awareness, knowledge and (false) perception
32 Security of The Digital Natives Habits and behaviors that may impact all security aspects, reflecting on all the threats. Habits that involve personal data and potential security and privacy threats. Habits that may have economic consequences (losses) for the individuals. General Identity Theft Economical Security ThreatsThreats that may arise from the students' behavior and habits
33 Security of The Digital Natives General Security Issues Which concerns how respondents behave with respect to software updates and application permissions 7% Of respondents perform regular updates to both mobile OS and apps 81 % Is the share of iOS devices in the wild outdated for longer than a year 4% of Android in the wild still run the 3 years old Gingerbread version 24% do not regularly update their mobile operating system (OS) or their mobile apps Oddly enough, presence in the market of old mobile OS versions, mainly related to Android phones, is still very high.
34 Security of The Digital Natives General Security Issues Which concerns how respondents behave with respect to software updates and application permissions 53,8% 25,5% 20,7% Moving to the installation and usage of apps, almost 54% of the respondents never or rarely check the permissions apps require. Such behavior is a dangerous trend that needs to be addressed: overlooking the privileges an app requires increases the proliferation of malware, since users will install and click on “YES” on anything
35 Security of The Digital Natives of users store their Address Book on their phones equiping it with personal photos and videos96% just 25% of responders regularly log out when done using an app 25% do not use any lock mechanism to prevent non-authorized access to the device 40% claimed to forsake the security features in order to maintain easy access to the device 52 % Identity Theft
36 Security of The Digital Natives It appears that users very often do not check the permissions required by the apps. This may be due to the fact that on some mobile platforms (Android, Windows Phone) permissions are granted in an “all or nothing” form. This is a dangerous model that trains people to overlook permissions, because they want to install that application not matter what the requisites are. This result becomes more worrisome if linked with the fact that 17% of the respondents install mobile applications from untrusted sources other than the official application markets. These two results together support the proliferation of mobile malware and particularly of the category of “toll fraud”, where the application silently subscribes the user to premium-rate SMS services. Economical Threats & the risk of mobile malware
37 Security of The Digital Natives What about Secure Development? 8,5% 40,1% 28,2% Among the respondents who declared to develop mobile applications (either for fun or profit), only 28% was following the guidelines for secure mobile programming. 23,2%
38 Security of The Digital Natives From the questionnaire emerged that the respondents are inclined to regularly update their devices. We can infer from this that they are conscious of the importance of software updates, but also that the procedures to update mobile devices and apps are considerably more intuitive than they used to be in the “desktop” environment. However, this result appears to be in contrast with a some worrisome statistics concerning the number of mobile devices running outdated OSs. The reason of this, we can argue, is that the responsibility of this lies on reasons such as the market policies of carriers and manufacturers and, in the case of the Android platform, even in the extreme fragmentation of the market. Therefore a key role is played by vendors, who should be required to grant software updates for their products for a longer period of time . Proposed solutions and initiativesFrom a Manufacturers and Vendors perspective
39 Security of The Digital Natives Should allow users to install the applications without being obliged to accept all the permissions required. It has to be possible for users to revoke/grant any single permission at any time, without being compelled to reject the entire application Should provide, alongside the device reset functionalities, the possibility of removing the users’ private data stored within the installed applications in a centralized and straightforward way. Should deliver advanced solutions to ease password management. In fact, although most of the respondents (85%) agree and understand the importance of having a passlock mechanism in place, still most of them struggle to use them. Proposed solutions and initiativesFrom the Mobile Operating System perspective
40 Security of The Digital Natives Could enforce the use of (strong) passwords, imposing that advanced features of certain applications are enabled only if passwords have been properly configured. A similar approach could be adopted also to enforce the use of non rooted/jailbroken devices. Should be liable in case the application does not implement the security mechanisms required to ensure the adequate storage and transmission of the users’ data. Policies, standards and laws should be introduced that establish the responsibility. Proposed solutions and initiativesFrom the mobile software development companies and individual developers perspective
41 Security of The Digital Natives Contact Us facebook.com/techandlawcenterinfo@techandlaw.net twitter.com/techlawcenter Tech and Law Center www.techandlaw.net

Recomendados

Mobile Device Users’ Susceptibility To Phishing Attacks
Mobile Device Users’ Susceptibility To Phishing AttacksMobile Device Users’ Susceptibility To Phishing Attacks
Mobile Device Users’ Susceptibility To Phishing AttacksAIRCC Publishing Corporation
 
776 s0005
776 s0005776 s0005
776 s0005oscarh1986
 
OCR cybersecurity
OCR cybersecurityOCR cybersecurity
OCR cybersecurityUIUC Corporate Relations
 
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...Maurice Dawson
 
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...Trusting Smart Speakers: Understanding the Different Levels of Trust between ...
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...CSCJournals
 
DESIGN AND IMPLEMENTATION OF E-PASSPORT SCHEME USING CRYPTOGRAPHIC ALGORITHM ...
DESIGN AND IMPLEMENTATION OF E-PASSPORT SCHEME USING CRYPTOGRAPHIC ALGORITHM ...DESIGN AND IMPLEMENTATION OF E-PASSPORT SCHEME USING CRYPTOGRAPHIC ALGORITHM ...
DESIGN AND IMPLEMENTATION OF E-PASSPORT SCHEME USING CRYPTOGRAPHIC ALGORITHM ...ijait
 
Malware threat analysis techniques and approaches for IoT applications: a review
Malware threat analysis techniques and approaches for IoT applications: a reviewMalware threat analysis techniques and approaches for IoT applications: a review
Malware threat analysis techniques and approaches for IoT applications: a reviewjournalBEEI
 
Alloy Cybersecurity
Alloy CybersecurityAlloy Cybersecurity
Alloy CybersecurityMark Stockman
 

Recomendados

Mobile Device Users’ Susceptibility To Phishing Attacks
Mobile Device Users’ Susceptibility To Phishing AttacksMobile Device Users’ Susceptibility To Phishing Attacks
Mobile Device Users’ Susceptibility To Phishing AttacksAIRCC Publishing Corporation
 
776 s0005
776 s0005776 s0005
776 s0005oscarh1986
 
OCR cybersecurity
OCR cybersecurityOCR cybersecurity
OCR cybersecurityUIUC Corporate Relations
 
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...Maurice Dawson
 
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...Trusting Smart Speakers: Understanding the Different Levels of Trust between ...
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...CSCJournals
 
DESIGN AND IMPLEMENTATION OF E-PASSPORT SCHEME USING CRYPTOGRAPHIC ALGORITHM ...
DESIGN AND IMPLEMENTATION OF E-PASSPORT SCHEME USING CRYPTOGRAPHIC ALGORITHM ...DESIGN AND IMPLEMENTATION OF E-PASSPORT SCHEME USING CRYPTOGRAPHIC ALGORITHM ...
DESIGN AND IMPLEMENTATION OF E-PASSPORT SCHEME USING CRYPTOGRAPHIC ALGORITHM ...ijait
 
Malware threat analysis techniques and approaches for IoT applications: a review
Malware threat analysis techniques and approaches for IoT applications: a reviewMalware threat analysis techniques and approaches for IoT applications: a review
Malware threat analysis techniques and approaches for IoT applications: a reviewjournalBEEI
 
Alloy Cybersecurity
Alloy CybersecurityAlloy Cybersecurity
Alloy CybersecurityMark Stockman
 
A Comprehensive Survey on Exiting Solution Approaches towards Security and Pr...
A Comprehensive Survey on Exiting Solution Approaches towards Security and Pr...A Comprehensive Survey on Exiting Solution Approaches towards Security and Pr...
A Comprehensive Survey on Exiting Solution Approaches towards Security and Pr...IJECEIAES
 
Pendahuluan it forensik
Pendahuluan it forensikPendahuluan it forensik
Pendahuluan it forensiknewbie2019
 
Evidence Gathering and Identification of LINE Messenger on Android Device
Evidence Gathering and Identification of LINE Messenger on Android DeviceEvidence Gathering and Identification of LINE Messenger on Android Device
Evidence Gathering and Identification of LINE Messenger on Android DeviceIJCSIS Research Publications
 
A Smart Receptionist Implementing Facial Recognition and Voice Interaction
A Smart Receptionist Implementing Facial Recognition and Voice InteractionA Smart Receptionist Implementing Facial Recognition and Voice Interaction
A Smart Receptionist Implementing Facial Recognition and Voice InteractionCSCJournals
 
Paper id 25201417
Paper id 25201417Paper id 25201417
Paper id 25201417IJRAT
 
A Bring Your Own Device Risk Assessment Model
A Bring Your Own Device Risk Assessment ModelA Bring Your Own Device Risk Assessment Model
A Bring Your Own Device Risk Assessment ModelCSCJournals
 
Malicious Code Intrusion Detection using Machine Learning and Indicators of C...
Malicious Code Intrusion Detection using Machine Learning and Indicators of C...Malicious Code Intrusion Detection using Machine Learning and Indicators of C...
Malicious Code Intrusion Detection using Machine Learning and Indicators of C...IJCSIS Research Publications
 
Aggregated proof based hierarchical authentication scheme for the internet of...
Aggregated proof based hierarchical authentication scheme for the internet of...Aggregated proof based hierarchical authentication scheme for the internet of...
Aggregated proof based hierarchical authentication scheme for the internet of...Pvrtechnologies Nellore
 
ENHANCING MOBILE LEARNING SECURITY
ENHANCING MOBILE LEARNING SECURITYENHANCING MOBILE LEARNING SECURITY
ENHANCING MOBILE LEARNING SECURITYIJITE
 
ENHANCING MOBILE LEARNING SECURITY
ENHANCING MOBILE LEARNING SECURITY ENHANCING MOBILE LEARNING SECURITY
ENHANCING MOBILE LEARNING SECURITY IJITE
 
Securing Sensitive Digital Data in Educational Institutions using Encryption ...
Securing Sensitive Digital Data in Educational Institutions using Encryption ...Securing Sensitive Digital Data in Educational Institutions using Encryption ...
Securing Sensitive Digital Data in Educational Institutions using Encryption ...IJCSIS Research Publications
 
Josep Domingo Jordi Castella
Josep Domingo Jordi CastellaJosep Domingo Jordi Castella
Josep Domingo Jordi CastellaUniversidad Internacional Menendez Pelayo
 
A novel secure e contents system for multi-media interchange workflows in e-l...
A novel secure e contents system for multi-media interchange workflows in e-l...A novel secure e contents system for multi-media interchange workflows in e-l...
A novel secure e contents system for multi-media interchange workflows in e-l...IJCNCJournal
 
ICT Resilience in EU
ICT Resilience in EUICT Resilience in EU
ICT Resilience in EUSven Wohlgemuth
 
IRJET - Design of Student Security System using RFID Mechanism
IRJET - Design of Student Security System using RFID MechanismIRJET - Design of Student Security System using RFID Mechanism
IRJET - Design of Student Security System using RFID MechanismIRJET Journal
 
SECURITY ISSUES IN USING IOT ENABLED DEVICES AND THEIR IMPACT
SECURITY ISSUES IN USING IOT ENABLED DEVICES AND THEIR IMPACTSECURITY ISSUES IN USING IOT ENABLED DEVICES AND THEIR IMPACT
SECURITY ISSUES IN USING IOT ENABLED DEVICES AND THEIR IMPACTvishal dineshkumar soni
 
Mobile Cyber Security
Mobile Cyber SecurityMobile Cyber Security
Mobile Cyber SecurityBob's Business
 
Telefónica security io_t_final
Telefónica security io_t_finalTelefónica security io_t_final
Telefónica security io_t_finalChristopher Wang
 
Wearable Technology for Enhanced Security.
Wearable Technology for Enhanced Security.Wearable Technology for Enhanced Security.
Wearable Technology for Enhanced Security.Dr. Michael Agbaje
 
Efficient Data Security for Mobile Instant Messenger
Efficient Data Security for Mobile Instant MessengerEfficient Data Security for Mobile Instant Messenger
Efficient Data Security for Mobile Instant MessengerTELKOMNIKA JOURNAL
 
Research Essay on Security Assessment for Mobile Devices
Research Essay on Security Assessment for Mobile DevicesResearch Essay on Security Assessment for Mobile Devices
Research Essay on Security Assessment for Mobile DevicesDavid Thompson
 
STAYING SAFE AND SECURED ON TODAY AND TOMORROW’S AFRICA CYBERSPACE WORKSHOP 2017
STAYING SAFE AND SECURED ON TODAY AND TOMORROW’S AFRICA CYBERSPACE WORKSHOP 2017STAYING SAFE AND SECURED ON TODAY AND TOMORROW’S AFRICA CYBERSPACE WORKSHOP 2017
STAYING SAFE AND SECURED ON TODAY AND TOMORROW’S AFRICA CYBERSPACE WORKSHOP 2017Maurice Dawson
 

Más contenido relacionado

La actualidad más candente

A Comprehensive Survey on Exiting Solution Approaches towards Security and Pr...
A Comprehensive Survey on Exiting Solution Approaches towards Security and Pr...A Comprehensive Survey on Exiting Solution Approaches towards Security and Pr...
A Comprehensive Survey on Exiting Solution Approaches towards Security and Pr...IJECEIAES
 
Pendahuluan it forensik
Pendahuluan it forensikPendahuluan it forensik
Pendahuluan it forensiknewbie2019
 
Evidence Gathering and Identification of LINE Messenger on Android Device
Evidence Gathering and Identification of LINE Messenger on Android DeviceEvidence Gathering and Identification of LINE Messenger on Android Device
Evidence Gathering and Identification of LINE Messenger on Android DeviceIJCSIS Research Publications
 
A Smart Receptionist Implementing Facial Recognition and Voice Interaction
A Smart Receptionist Implementing Facial Recognition and Voice InteractionA Smart Receptionist Implementing Facial Recognition and Voice Interaction
A Smart Receptionist Implementing Facial Recognition and Voice InteractionCSCJournals
 
Paper id 25201417
Paper id 25201417Paper id 25201417
Paper id 25201417IJRAT
 
A Bring Your Own Device Risk Assessment Model
A Bring Your Own Device Risk Assessment ModelA Bring Your Own Device Risk Assessment Model
A Bring Your Own Device Risk Assessment ModelCSCJournals
 
Malicious Code Intrusion Detection using Machine Learning and Indicators of C...
Malicious Code Intrusion Detection using Machine Learning and Indicators of C...Malicious Code Intrusion Detection using Machine Learning and Indicators of C...
Malicious Code Intrusion Detection using Machine Learning and Indicators of C...IJCSIS Research Publications
 
Aggregated proof based hierarchical authentication scheme for the internet of...
Aggregated proof based hierarchical authentication scheme for the internet of...Aggregated proof based hierarchical authentication scheme for the internet of...
Aggregated proof based hierarchical authentication scheme for the internet of...Pvrtechnologies Nellore
 
ENHANCING MOBILE LEARNING SECURITY
ENHANCING MOBILE LEARNING SECURITYENHANCING MOBILE LEARNING SECURITY
ENHANCING MOBILE LEARNING SECURITYIJITE
 
ENHANCING MOBILE LEARNING SECURITY
ENHANCING MOBILE LEARNING SECURITY ENHANCING MOBILE LEARNING SECURITY
ENHANCING MOBILE LEARNING SECURITY IJITE
 
Securing Sensitive Digital Data in Educational Institutions using Encryption ...
Securing Sensitive Digital Data in Educational Institutions using Encryption ...Securing Sensitive Digital Data in Educational Institutions using Encryption ...
Securing Sensitive Digital Data in Educational Institutions using Encryption ...IJCSIS Research Publications
 
A novel secure e contents system for multi-media interchange workflows in e-l...
A novel secure e contents system for multi-media interchange workflows in e-l...A novel secure e contents system for multi-media interchange workflows in e-l...
A novel secure e contents system for multi-media interchange workflows in e-l...IJCNCJournal
 
IRJET - Design of Student Security System using RFID Mechanism
IRJET - Design of Student Security System using RFID MechanismIRJET - Design of Student Security System using RFID Mechanism
IRJET - Design of Student Security System using RFID MechanismIRJET Journal
 
SECURITY ISSUES IN USING IOT ENABLED DEVICES AND THEIR IMPACT
SECURITY ISSUES IN USING IOT ENABLED DEVICES AND THEIR IMPACTSECURITY ISSUES IN USING IOT ENABLED DEVICES AND THEIR IMPACT
SECURITY ISSUES IN USING IOT ENABLED DEVICES AND THEIR IMPACTvishal dineshkumar soni
 
Telefónica security io_t_final
Telefónica security io_t_finalTelefónica security io_t_final
Telefónica security io_t_finalChristopher Wang
 
Wearable Technology for Enhanced Security.
Wearable Technology for Enhanced Security.Wearable Technology for Enhanced Security.
Wearable Technology for Enhanced Security.Dr. Michael Agbaje
 
Efficient Data Security for Mobile Instant Messenger
Efficient Data Security for Mobile Instant MessengerEfficient Data Security for Mobile Instant Messenger
Efficient Data Security for Mobile Instant MessengerTELKOMNIKA JOURNAL
 

La actualidad más candente (20)

A Comprehensive Survey on Exiting Solution Approaches towards Security and Pr...
A Comprehensive Survey on Exiting Solution Approaches towards Security and Pr...A Comprehensive Survey on Exiting Solution Approaches towards Security and Pr...
A Comprehensive Survey on Exiting Solution Approaches towards Security and Pr...
 
Pendahuluan it forensik
Pendahuluan it forensikPendahuluan it forensik
Pendahuluan it forensik
 
Evidence Gathering and Identification of LINE Messenger on Android Device
Evidence Gathering and Identification of LINE Messenger on Android DeviceEvidence Gathering and Identification of LINE Messenger on Android Device
Evidence Gathering and Identification of LINE Messenger on Android Device
 
A Smart Receptionist Implementing Facial Recognition and Voice Interaction
A Smart Receptionist Implementing Facial Recognition and Voice InteractionA Smart Receptionist Implementing Facial Recognition and Voice Interaction
A Smart Receptionist Implementing Facial Recognition and Voice Interaction
 
Paper id 25201417
Paper id 25201417Paper id 25201417
Paper id 25201417
 
A Bring Your Own Device Risk Assessment Model
A Bring Your Own Device Risk Assessment ModelA Bring Your Own Device Risk Assessment Model
A Bring Your Own Device Risk Assessment Model
 
Malicious Code Intrusion Detection using Machine Learning and Indicators of C...
Malicious Code Intrusion Detection using Machine Learning and Indicators of C...Malicious Code Intrusion Detection using Machine Learning and Indicators of C...
Malicious Code Intrusion Detection using Machine Learning and Indicators of C...
 
Aggregated proof based hierarchical authentication scheme for the internet of...
Aggregated proof based hierarchical authentication scheme for the internet of...Aggregated proof based hierarchical authentication scheme for the internet of...
Aggregated proof based hierarchical authentication scheme for the internet of...
 
ENHANCING MOBILE LEARNING SECURITY
ENHANCING MOBILE LEARNING SECURITYENHANCING MOBILE LEARNING SECURITY
ENHANCING MOBILE LEARNING SECURITY
 
ENHANCING MOBILE LEARNING SECURITY
ENHANCING MOBILE LEARNING SECURITY ENHANCING MOBILE LEARNING SECURITY
ENHANCING MOBILE LEARNING SECURITY
 
Securing Sensitive Digital Data in Educational Institutions using Encryption ...
Securing Sensitive Digital Data in Educational Institutions using Encryption ...Securing Sensitive Digital Data in Educational Institutions using Encryption ...
Securing Sensitive Digital Data in Educational Institutions using Encryption ...
 
Josep Domingo Jordi Castella
Josep Domingo Jordi CastellaJosep Domingo Jordi Castella
Josep Domingo Jordi Castella
 
A novel secure e contents system for multi-media interchange workflows in e-l...
A novel secure e contents system for multi-media interchange workflows in e-l...A novel secure e contents system for multi-media interchange workflows in e-l...
A novel secure e contents system for multi-media interchange workflows in e-l...
 
ICT Resilience in EU
ICT Resilience in EUICT Resilience in EU
ICT Resilience in EU
 
IRJET - Design of Student Security System using RFID Mechanism
IRJET - Design of Student Security System using RFID MechanismIRJET - Design of Student Security System using RFID Mechanism
IRJET - Design of Student Security System using RFID Mechanism
 
SECURITY ISSUES IN USING IOT ENABLED DEVICES AND THEIR IMPACT
SECURITY ISSUES IN USING IOT ENABLED DEVICES AND THEIR IMPACTSECURITY ISSUES IN USING IOT ENABLED DEVICES AND THEIR IMPACT
SECURITY ISSUES IN USING IOT ENABLED DEVICES AND THEIR IMPACT
 
Mobile Cyber Security
Mobile Cyber SecurityMobile Cyber Security
Mobile Cyber Security
 
Telefónica security io_t_final
Telefónica security io_t_finalTelefónica security io_t_final
Telefónica security io_t_final
 
Wearable Technology for Enhanced Security.
Wearable Technology for Enhanced Security.Wearable Technology for Enhanced Security.
Wearable Technology for Enhanced Security.
 
Efficient Data Security for Mobile Instant Messenger
Efficient Data Security for Mobile Instant MessengerEfficient Data Security for Mobile Instant Messenger
Efficient Data Security for Mobile Instant Messenger
 

Similar a SECURITY OF THE DIGITAL NATIVES - English version

Research Essay on Security Assessment for Mobile Devices
Research Essay on Security Assessment for Mobile DevicesResearch Essay on Security Assessment for Mobile Devices
Research Essay on Security Assessment for Mobile DevicesDavid Thompson
 
STAYING SAFE AND SECURED ON TODAY AND TOMORROW’S AFRICA CYBERSPACE WORKSHOP 2017
STAYING SAFE AND SECURED ON TODAY AND TOMORROW’S AFRICA CYBERSPACE WORKSHOP 2017STAYING SAFE AND SECURED ON TODAY AND TOMORROW’S AFRICA CYBERSPACE WORKSHOP 2017
STAYING SAFE AND SECURED ON TODAY AND TOMORROW’S AFRICA CYBERSPACE WORKSHOP 2017Maurice Dawson
 
Investigating Tertiary Students’ Perceptions on Internet Security
Investigating Tertiary Students’ Perceptions on Internet SecurityInvestigating Tertiary Students’ Perceptions on Internet Security
Investigating Tertiary Students’ Perceptions on Internet SecurityITIIIndustries
 
Conceptual Study of Mobile Forensics
Conceptual Study of Mobile ForensicsConceptual Study of Mobile Forensics
Conceptual Study of Mobile Forensicsijtsrd
 
Digital Competence framework for citizens (DIGCOMP )
Digital Competence framework for citizens (DIGCOMP )Digital Competence framework for citizens (DIGCOMP )
Digital Competence framework for citizens (DIGCOMP )Riina Vuorikari
 
THE INTERNET OF THINGS PRIVACY AND SECURITYA Master ThesisSub.docx
THE INTERNET OF THINGS PRIVACY AND SECURITYA Master ThesisSub.docxTHE INTERNET OF THINGS PRIVACY AND SECURITYA Master ThesisSub.docx
THE INTERNET OF THINGS PRIVACY AND SECURITYA Master ThesisSub.docxoreo10
 
F-LOCKER: An Android Face Recognition Applocker Using Local Binary Pattern Hi...
F-LOCKER: An Android Face Recognition Applocker Using Local Binary Pattern Hi...F-LOCKER: An Android Face Recognition Applocker Using Local Binary Pattern Hi...
F-LOCKER: An Android Face Recognition Applocker Using Local Binary Pattern Hi...IJCSIS Research Publications
 
MOBILE DEVICE USERS’ SUSCEPTIBILITY TO PHISHING ATTACKS
MOBILE DEVICE USERS’ SUSCEPTIBILITY TO PHISHING ATTACKSMOBILE DEVICE USERS’ SUSCEPTIBILITY TO PHISHING ATTACKS
MOBILE DEVICE USERS’ SUSCEPTIBILITY TO PHISHING ATTACKSijcsit
 
Awareness Of Safe And Responsible Use Of ICT Among Students In A Malaysian Un...
Awareness Of Safe And Responsible Use Of ICT Among Students In A Malaysian Un...Awareness Of Safe And Responsible Use Of ICT Among Students In A Malaysian Un...
Awareness Of Safe And Responsible Use Of ICT Among Students In A Malaysian Un...Nat Rice
 
Awareness about cybercrime among youth
Awareness about cybercrime among youthAwareness about cybercrime among youth
Awareness about cybercrime among youthnirmal00776
 
Navigating Safely in Cyberspace_ A Guide to Internet Safety and Cybersecurity...
Navigating Safely in Cyberspace_ A Guide to Internet Safety and Cybersecurity...Navigating Safely in Cyberspace_ A Guide to Internet Safety and Cybersecurity...
Navigating Safely in Cyberspace_ A Guide to Internet Safety and Cybersecurity...Assignment Help
 
Behavioural Analytics in Cyber Security for Digital Forensics Application
Behavioural Analytics in Cyber Security for Digital Forensics ApplicationBehavioural Analytics in Cyber Security for Digital Forensics Application
Behavioural Analytics in Cyber Security for Digital Forensics ApplicationAIRCC Publishing Corporation
 
BEHAVIOURAL ANALYTICS IN CYBER SECURITY FOR DIGITAL FORENSICS APPLICATION
BEHAVIOURAL ANALYTICS IN CYBER SECURITY FOR DIGITAL FORENSICS APPLICATIONBEHAVIOURAL ANALYTICS IN CYBER SECURITY FOR DIGITAL FORENSICS APPLICATION
BEHAVIOURAL ANALYTICS IN CYBER SECURITY FOR DIGITAL FORENSICS APPLICATIONAIRCC Publishing Corporation
 
Behavioural Analytics in Cyber Security for Digital Forensics Application
Behavioural Analytics in Cyber Security for Digital Forensics ApplicationBehavioural Analytics in Cyber Security for Digital Forensics Application
Behavioural Analytics in Cyber Security for Digital Forensics ApplicationAIRCC Publishing Corporation
 
Enhancing Mobile Learning Security
Enhancing Mobile Learning SecurityEnhancing Mobile Learning Security
Enhancing Mobile Learning SecurityIJITE
 
Information Security Management in University Campus Using Cognitive Security
Information Security Management in University Campus Using Cognitive SecurityInformation Security Management in University Campus Using Cognitive Security
Information Security Management in University Campus Using Cognitive SecurityCSCJournals
 
ENG 132Evaluation Argument One Flew Over the Cuckoo’s NestSp.docx
ENG 132Evaluation Argument One Flew Over the Cuckoo’s NestSp.docxENG 132Evaluation Argument One Flew Over the Cuckoo’s NestSp.docx
ENG 132Evaluation Argument One Flew Over the Cuckoo’s NestSp.docxgidmanmary
 
Anti-Forensic Techniques and Its Impact on Digital Forensic
Anti-Forensic Techniques and Its Impact on Digital ForensicAnti-Forensic Techniques and Its Impact on Digital Forensic
Anti-Forensic Techniques and Its Impact on Digital ForensicIRJET Journal
 

Similar a SECURITY OF THE DIGITAL NATIVES - English version (20)

Research Essay on Security Assessment for Mobile Devices
Research Essay on Security Assessment for Mobile DevicesResearch Essay on Security Assessment for Mobile Devices
Research Essay on Security Assessment for Mobile Devices
 
STAYING SAFE AND SECURED ON TODAY AND TOMORROW’S AFRICA CYBERSPACE WORKSHOP 2017
STAYING SAFE AND SECURED ON TODAY AND TOMORROW’S AFRICA CYBERSPACE WORKSHOP 2017STAYING SAFE AND SECURED ON TODAY AND TOMORROW’S AFRICA CYBERSPACE WORKSHOP 2017
STAYING SAFE AND SECURED ON TODAY AND TOMORROW’S AFRICA CYBERSPACE WORKSHOP 2017
 
Investigating Tertiary Students’ Perceptions on Internet Security
Investigating Tertiary Students’ Perceptions on Internet SecurityInvestigating Tertiary Students’ Perceptions on Internet Security
Investigating Tertiary Students’ Perceptions on Internet Security
 
The Digital Dilemma - Igor Verhoeven, Bindung
The Digital Dilemma - Igor Verhoeven, BindungThe Digital Dilemma - Igor Verhoeven, Bindung
The Digital Dilemma - Igor Verhoeven, Bindung
 
Conceptual Study of Mobile Forensics
Conceptual Study of Mobile ForensicsConceptual Study of Mobile Forensics
Conceptual Study of Mobile Forensics
 
Digital Competence framework for citizens (DIGCOMP )
Digital Competence framework for citizens (DIGCOMP )Digital Competence framework for citizens (DIGCOMP )
Digital Competence framework for citizens (DIGCOMP )
 
THE INTERNET OF THINGS PRIVACY AND SECURITYA Master ThesisSub.docx
THE INTERNET OF THINGS PRIVACY AND SECURITYA Master ThesisSub.docxTHE INTERNET OF THINGS PRIVACY AND SECURITYA Master ThesisSub.docx
THE INTERNET OF THINGS PRIVACY AND SECURITYA Master ThesisSub.docx
 
F-LOCKER: An Android Face Recognition Applocker Using Local Binary Pattern Hi...
F-LOCKER: An Android Face Recognition Applocker Using Local Binary Pattern Hi...F-LOCKER: An Android Face Recognition Applocker Using Local Binary Pattern Hi...
F-LOCKER: An Android Face Recognition Applocker Using Local Binary Pattern Hi...
 
MOBILE DEVICE USERS’ SUSCEPTIBILITY TO PHISHING ATTACKS
MOBILE DEVICE USERS’ SUSCEPTIBILITY TO PHISHING ATTACKSMOBILE DEVICE USERS’ SUSCEPTIBILITY TO PHISHING ATTACKS
MOBILE DEVICE USERS’ SUSCEPTIBILITY TO PHISHING ATTACKS
 
Awareness Of Safe And Responsible Use Of ICT Among Students In A Malaysian Un...
Awareness Of Safe And Responsible Use Of ICT Among Students In A Malaysian Un...Awareness Of Safe And Responsible Use Of ICT Among Students In A Malaysian Un...
Awareness Of Safe And Responsible Use Of ICT Among Students In A Malaysian Un...
 
Awareness about cybercrime among youth
Awareness about cybercrime among youthAwareness about cybercrime among youth
Awareness about cybercrime among youth
 
Navigating Safely in Cyberspace_ A Guide to Internet Safety and Cybersecurity...
Navigating Safely in Cyberspace_ A Guide to Internet Safety and Cybersecurity...Navigating Safely in Cyberspace_ A Guide to Internet Safety and Cybersecurity...
Navigating Safely in Cyberspace_ A Guide to Internet Safety and Cybersecurity...
 
Behavioural Analytics in Cyber Security for Digital Forensics Application
Behavioural Analytics in Cyber Security for Digital Forensics ApplicationBehavioural Analytics in Cyber Security for Digital Forensics Application
Behavioural Analytics in Cyber Security for Digital Forensics Application
 
BEHAVIOURAL ANALYTICS IN CYBER SECURITY FOR DIGITAL FORENSICS APPLICATION
BEHAVIOURAL ANALYTICS IN CYBER SECURITY FOR DIGITAL FORENSICS APPLICATIONBEHAVIOURAL ANALYTICS IN CYBER SECURITY FOR DIGITAL FORENSICS APPLICATION
BEHAVIOURAL ANALYTICS IN CYBER SECURITY FOR DIGITAL FORENSICS APPLICATION
 
Behavioural Analytics in Cyber Security for Digital Forensics Application
Behavioural Analytics in Cyber Security for Digital Forensics ApplicationBehavioural Analytics in Cyber Security for Digital Forensics Application
Behavioural Analytics in Cyber Security for Digital Forensics Application
 
presentation
presentationpresentation
presentation
 
Enhancing Mobile Learning Security
Enhancing Mobile Learning SecurityEnhancing Mobile Learning Security
Enhancing Mobile Learning Security
 
Information Security Management in University Campus Using Cognitive Security
Information Security Management in University Campus Using Cognitive SecurityInformation Security Management in University Campus Using Cognitive Security
Information Security Management in University Campus Using Cognitive Security
 
ENG 132Evaluation Argument One Flew Over the Cuckoo’s NestSp.docx
ENG 132Evaluation Argument One Flew Over the Cuckoo’s NestSp.docxENG 132Evaluation Argument One Flew Over the Cuckoo’s NestSp.docx
ENG 132Evaluation Argument One Flew Over the Cuckoo’s NestSp.docx
 
Anti-Forensic Techniques and Its Impact on Digital Forensic
Anti-Forensic Techniques and Its Impact on Digital ForensicAnti-Forensic Techniques and Its Impact on Digital Forensic
Anti-Forensic Techniques and Its Impact on Digital Forensic
 

Más de Tech and Law Center

One step further in the surveillance society the case of predictive policing
One step further in the surveillance society the case of predictive policingOne step further in the surveillance society the case of predictive policing
One step further in the surveillance society the case of predictive policingTech and Law Center
 
2015.11.06. Luca Melette_Mobile threats evolution
2015.11.06. Luca Melette_Mobile threats evolution2015.11.06. Luca Melette_Mobile threats evolution
2015.11.06. Luca Melette_Mobile threats evolutionTech and Law Center
 
Andrea Molino: Applicazione delle tecnologie ICT al settore Agricolo
Andrea Molino: Applicazione delle tecnologie ICT al settore AgricoloAndrea Molino: Applicazione delle tecnologie ICT al settore Agricolo
Andrea Molino: Applicazione delle tecnologie ICT al settore AgricoloTech and Law Center
 
Emanuela Pala: Internet of Things & Smart Agriculture
Emanuela Pala: Internet of Things & Smart Agriculture Emanuela Pala: Internet of Things & Smart Agriculture
Emanuela Pala: Internet of Things & Smart Agriculture Tech and Law Center
 
Tommaso De Gregorio: Growing Hazelnuts
Tommaso De Gregorio: Growing Hazelnuts Tommaso De Gregorio: Growing Hazelnuts
Tommaso De Gregorio: Growing Hazelnuts Tech and Law Center
 
Gillian Cafiero - "Codifying the Harm of Cybercrime": Injecting zemiology in ...
Gillian Cafiero - "Codifying the Harm of Cybercrime": Injecting zemiology in ...Gillian Cafiero - "Codifying the Harm of Cybercrime": Injecting zemiology in ...
Gillian Cafiero - "Codifying the Harm of Cybercrime": Injecting zemiology in ...Tech and Law Center
 
Cybersecurity & Digital Forensics / Dronitaly - 25 Ottobre 2014
Cybersecurity & Digital Forensics / Dronitaly - 25 Ottobre 2014Cybersecurity & Digital Forensics / Dronitaly - 25 Ottobre 2014
Cybersecurity & Digital Forensics / Dronitaly - 25 Ottobre 2014Tech and Law Center
 
Giuseppe Vaciago: From Crime to privacy-oriented crime prevention in the Big ...
Giuseppe Vaciago: From Crime to privacy-oriented crime prevention in the Big ...Giuseppe Vaciago: From Crime to privacy-oriented crime prevention in the Big ...
Giuseppe Vaciago: From Crime to privacy-oriented crime prevention in the Big ...Tech and Law Center
 
SECURITY OF THE DIGITAL NATIVES - Italian version
SECURITY OF THE DIGITAL NATIVES - Italian versionSECURITY OF THE DIGITAL NATIVES - Italian version
SECURITY OF THE DIGITAL NATIVES - Italian versionTech and Law Center
 
Android malware overview, status and dilemmas
Android malware overview, status and dilemmasAndroid malware overview, status and dilemmas
Android malware overview, status and dilemmasTech and Law Center
 
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Tech and Law Center
 
Digital Native Privacy (Francesca Bosco & Giuseppe Vaciago)
Digital Native Privacy (Francesca Bosco & Giuseppe Vaciago)Digital Native Privacy (Francesca Bosco & Giuseppe Vaciago)
Digital Native Privacy (Francesca Bosco & Giuseppe Vaciago)Tech and Law Center
 
The Death Of Computer Forensics: Digital Forensics After the Singularity
The Death Of Computer Forensics: Digital Forensics After the SingularityThe Death Of Computer Forensics: Digital Forensics After the Singularity
The Death Of Computer Forensics: Digital Forensics After the SingularityTech and Law Center
 
Legal Aspect of the Cloud by Giuseppe Vaciago
Legal Aspect of the Cloud by Giuseppe VaciagoLegal Aspect of the Cloud by Giuseppe Vaciago
Legal Aspect of the Cloud by Giuseppe VaciagoTech and Law Center
 

Más de Tech and Law Center (15)

One step further in the surveillance society the case of predictive policing
One step further in the surveillance society the case of predictive policingOne step further in the surveillance society the case of predictive policing
One step further in the surveillance society the case of predictive policing
 
2015.11.06. Luca Melette_Mobile threats evolution
2015.11.06. Luca Melette_Mobile threats evolution2015.11.06. Luca Melette_Mobile threats evolution
2015.11.06. Luca Melette_Mobile threats evolution
 
Andrea Molino: Applicazione delle tecnologie ICT al settore Agricolo
Andrea Molino: Applicazione delle tecnologie ICT al settore AgricoloAndrea Molino: Applicazione delle tecnologie ICT al settore Agricolo
Andrea Molino: Applicazione delle tecnologie ICT al settore Agricolo
 
Emanuela Pala: Internet of Things & Smart Agriculture
Emanuela Pala: Internet of Things & Smart Agriculture Emanuela Pala: Internet of Things & Smart Agriculture
Emanuela Pala: Internet of Things & Smart Agriculture
 
Tommaso De Gregorio: Growing Hazelnuts
Tommaso De Gregorio: Growing Hazelnuts Tommaso De Gregorio: Growing Hazelnuts
Tommaso De Gregorio: Growing Hazelnuts
 
Smart intelligence
Smart intelligenceSmart intelligence
Smart intelligence
 
Gillian Cafiero - "Codifying the Harm of Cybercrime": Injecting zemiology in ...
Gillian Cafiero - "Codifying the Harm of Cybercrime": Injecting zemiology in ...Gillian Cafiero - "Codifying the Harm of Cybercrime": Injecting zemiology in ...
Gillian Cafiero - "Codifying the Harm of Cybercrime": Injecting zemiology in ...
 
Cybersecurity & Digital Forensics / Dronitaly - 25 Ottobre 2014
Cybersecurity & Digital Forensics / Dronitaly - 25 Ottobre 2014Cybersecurity & Digital Forensics / Dronitaly - 25 Ottobre 2014
Cybersecurity & Digital Forensics / Dronitaly - 25 Ottobre 2014
 
Giuseppe Vaciago: From Crime to privacy-oriented crime prevention in the Big ...
Giuseppe Vaciago: From Crime to privacy-oriented crime prevention in the Big ...Giuseppe Vaciago: From Crime to privacy-oriented crime prevention in the Big ...
Giuseppe Vaciago: From Crime to privacy-oriented crime prevention in the Big ...
 
SECURITY OF THE DIGITAL NATIVES - Italian version
SECURITY OF THE DIGITAL NATIVES - Italian versionSECURITY OF THE DIGITAL NATIVES - Italian version
SECURITY OF THE DIGITAL NATIVES - Italian version
 
Android malware overview, status and dilemmas
Android malware overview, status and dilemmasAndroid malware overview, status and dilemmas
Android malware overview, status and dilemmas
 
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
 
Digital Native Privacy (Francesca Bosco & Giuseppe Vaciago)
Digital Native Privacy (Francesca Bosco & Giuseppe Vaciago)Digital Native Privacy (Francesca Bosco & Giuseppe Vaciago)
Digital Native Privacy (Francesca Bosco & Giuseppe Vaciago)
 
The Death Of Computer Forensics: Digital Forensics After the Singularity
The Death Of Computer Forensics: Digital Forensics After the SingularityThe Death Of Computer Forensics: Digital Forensics After the Singularity
The Death Of Computer Forensics: Digital Forensics After the Singularity
 
Legal Aspect of the Cloud by Giuseppe Vaciago
Legal Aspect of the Cloud by Giuseppe VaciagoLegal Aspect of the Cloud by Giuseppe Vaciago
Legal Aspect of the Cloud by Giuseppe Vaciago
 

Último

What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 

Último (20)

What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 

SECURITY OF THE DIGITAL NATIVES - English version

  • 2. 2 Security of The Digital Natives Aim of the study The goal of this survey is twofold: on the one hand the focus is on the awareness and knowledge of the university students trying to understand what is their perception of security compared to their actual knowledge; on the other hand we focus on outlining the threat landscape on the basis of their habits, on the way they use their mobile devices, on the type of data they store and on the operations they perform.
  • 3. 3 Security of The Digital Natives Who we are Tech and Law Center is an interdisciplinary center promoted by a research group composed of members from Università di Milano, Università di Milano–Bicocca, Università dell’Insubria and Politecnico di Milano. The center projects and events address digital technologies and their interaction with law and society.
  • 4. 4 Security of The Digital Natives The research team Giuseppe Vaciago Tech and Law Executive Committee Francesca Bosco Tech and Law Executive Committee Valeria Ferraris Researcher Pasquale Stirparo Tech and Law Fellow
  • 5. 5 Security of The Digital Natives The research team Stefano Zanero Tech and Law Executive Committee Pierluigi Perri Researcher Davide Ariu Tech and Law Fellow Brikena Memaj Tech and Law Member
  • 6. 6 Security of The Digital Natives Giuseppe Vaciago has been a lawyer of the Milan Bar since 2002 and for the last 10 years his primary focus has been IT Law with a focus on cyber crime. He has assisted many national and international IT companies. He is the author of many publications on cybercrime, including both scientific journals and textbooks, which have been adopted by the University where he teaches. Academically, he received his PhD on Digital Forensics from Università di Milano and he is a lecturer at Insubria University (Varese and Como) where he holds a course on IT law. He has also delivered many lectures and presentations in both Italy and abroad. He attended Fordham Law School and Stanford Law School as a Visiting Scholar to expand his studies in his own particular research area He is member of the executive committee of Tech and Law Center and fellow at the Nexa Center and at the Cybercrime Institute of Koln. Twitter: @giuseppevaciago Lawyer at Milan and Professor of IT Law Partner at R&P Legal Giuseppe Vaciago Giuseppe Vaciago
  • 7. 7 Security of The Digital Natives Francesca Bosco earned a law degree in International Law and joined UNICRI in 2006 as a member of the Emerging Crimes Unit. In her role in this organization Ms. Bosco is responsible for cybercrime prevention projects, and in conjunction with key strategic partners, has developed new methodologies and strategies for researching and countering computer related crimes. More recently, Francesca is researching and developing technical assistance and capacity building programs to counter the involvement of organized crime in cybercrime, as well as on the legal implications and future scenarios of cyberterrorism and cyber war. Furthermore, she is researching and managing projects on hate speech online and on data protection issues related to automated profiling. Francesca is one of the founder of the Tech and Law Center, she is in the Advisory Board of the Koln Cybercrime Institute and she is currently a PhD candidate at the University of Milan. Twitter: @francibosco UNICRI Project Officer and PhD student at Università di Milano Bicocca Francesca Bosco Francesca Bosco
  • 8. 8 Security of The Digital Natives Pasquale Stirparo is Digital Forensics Engineer and founder of SefirTech, a company focusing on Mobile Security, Digital Forensics and Incident Response. Prior to found SefirTech, Pasquale was working at the Joint Research Centre (JRC) of European Commission as Digital Forensics and Mobile Security Researcher, with particular interest on the security and privacy issues related to mobile devices communication protocols, mobile malware and cybercrime. He has also been involved in the development of the standard “ISO/IEC 27037: Guidelines for identification, collection and/or acquisition and preservation of digital evidence”, for which he led the WG ISO27037 for the Italian National Body in 2010. Author of many scientific publications, he has also been invited as speaker to several national and international conferences and seminars on Digital Forensics and lecturer on the same subject for Politecnico di Milano and United Nations (UNICRI). Pasquale is Ph.D. candidate at the Royal Institute of Technology (KTH) of Stockholm, holds a MSc in Computer Engineering from Politecnico di Torino and he’s certified GCFA, OPST, OWSE, ECCE. Twitter: @pstirparo Digital Forensics Engineer, Founder at SefirTech Ph.D. candidate at Royal Institute of Technology (KTH) Stockholm. Pasquale Stirparo Pasquale Stirparo
  • 9. 9 Security of The Digital Natives Chapters of the report LEGAL AND POLICY MAKING CONSIDERATIONS ANALYSIS OF THE QUESTIONNAIRES CONCLUSIONS AND RECOMMENDATIONS TECHNICAL CONSIDERATIONS
  • 11. 11 Security of The Digital Natives The survey was carried out using a questionnaire containing 60 multiple-choice questions divided into sections related to the different aspects of the issue: practice patterns for smartphones, tablets and laptops; approach to the various networks; and, for all the applications on the devices, the use of passwords, the perceptions of the security risks, and the general interest in and knowledge of the topic. The target population was university students. The administration of the questionnaire was carried out anonymously through the platform “Google Form” from September to November 2013 and it involved over 15 Italian Universities. 1012 questionnaires were collected. These presented responses from a wide range of geographic areas and degree choices (with a good mix of students from both the sciences and the humanities). Methodological remarks
  • 12. 12 Security of The Digital Natives This group represents the 38,3%. This group represents the 24%. This group represents the 37,4 %. Light users Medium users Heavy users Users Groups The statistical technique helped in identifying 3 well-diversified groups, each one presenting homogeneous characteristics useful to define 3 users’ profiles
  • 13. 13 Security of The Digital Natives The sample: gender and study Communication Science 8,9 % Law 29,6% Other Faculties 22,2% Computer science and engineering 39,3 % Smartphones and tablet users are 58% male and 42% female, in line with male higher presence in IT studies.
  • 14. 14 Security of The Digital Natives The use of mobile devices Some preliminary questions aimed at understanding how students use their mobile devices and what they save on the devices. . take photos and videos with their smartphones and tablets 70 % they store personal passwords on their devices. 27,7 % they save contacts/photos and videos 97 % 75 % “always or often” make phone calls, receive text messages/e-mails; browse the web; use Skype, social apps
  • 15. 15 Security of The Digital Natives The knowledge and fear of risksHow worried they are about the security of their mobile devices 33,4% 5,6% 53% 8%
  • 16. 16 Security of The Digital Natives The knowledge and fear of risksHow secure they feel when doing these activities with their mobile devices
  • 17. 17 Security of The Digital Natives Protect mobile devices with PIN number 28,8 %Protect mobile devices with pattern lock 23,9 % Protect mobile devices with password/passphrase 6,6 %Protect mobile devices with biometrics (e.g.voice recognition) 0,6 % The password use and management and the technologies to protect mobile devices
  • 18. 18 Security of The Digital Natives Technical solutions to protect data in mobile devices 20% of the students do not know what these solutions are and another 20% do not use them. Among the systems used:
  • 19. 19 Security of The Digital Natives Final question on self assessment How they assess their knowledge on mobile security (%)
  • 20. Legal and policy making considerations
  • 21. 21 Security of The Digital Natives Students pay absolutely no attention at all to the password relevant security requirements and they simply use the predictable password Students installs software and applications from unauthorized stores or without giving importance at right of access Mobile device is passed on to someone else, in particular where they are sold as second hand or lent to someone. PASSWORD APPS SHARING Results of the survey and possible scenarios
  • 22. 22 Security of The Digital Natives of students interviewed save, on their device, pins and passwords used for private services 1 27 % Results of the survey and possible scenarios of students interviewed do not log out after using a service online 40 % of students interviewed very rarely or never check the type of permissions required when downloading an app 53 % of students interviewed use open Wi-Fi systems to connect to the Internet on their mobile device using all types of functions 41%
  • 23. 23 Security of The Digital Natives of students interviewed do not use a password to protect their mobile device 40% of students interviewed said that, when asked to change their password, the new password that they create takes the form of a minor variation on the previous one 41% is currently using two-factors authentication 5% Password is tiring... It follows that one of the most critical issues to be tackled in the IT field is the fact that users need to be persuaded to use a password that can actually operate to protect their data. Our research in fact revealed that
  • 24. 24 Security of The Digital Natives Identity Theft – A fragmented scenario 1.Lack of specific legislation on ID Theft 2.Lack of National reporting System on ID Theft 3.Different Penalties from Country to Country Comparative Study on Legislative and Non Legislative Measures to Combat Identity Theft and Identity Related Crime: Final Report”, RAND Europe, June 2011.
  • 25. 25 Security of The Digital Natives Identity Theft 1.Introduction of an ad hoc Legislation 2.Reinforcement of the collaboration between national investigative bodies via an EU contact Network • Centralized reporting system on EU Basis A good example: CONSAP Project on ID Theft for the following project: Financial, TELCO and Insurance (Legislative decree 64/11)
  • 26. 26 Security of The Digital Natives The Italian Data Protection Authority focus attention on the correct use of mobile devices with its 'Fatti smart!' ['Be Smart!'] campaign ENISA organize in the next months a cybersecurity championship where university students compete on Network Information Security Challenge Cybersecurity Campaign Initiative
  • 27. 27 Security of The Digital Natives Security v. Usability 54.5% of the students go onto sites that require authentication via Google or Facebook. This confirms the extent to which usability is a determining factor in terms of the level of trust that a user places in an online service. Usability is the central issue to increase the levels of security of the mobile device
  • 28. 28 Security of The Digital Natives 1.D. Solove: “Schools are gathering and sharing a mammoth amount of personal data” 2.There is no a clear Security policy for mobile devices in the Italian University 3.Not only the students, but also the Professor are not always aware of cybersecurity risks D. Solove, 5 Things School Officials Must Know About Privacy The Regulation of Mobile Devices in Universities In certain American universities security standards (e.g. HIPAA) are imposed for mobile devices owned by students and university staff (Bring Your Own Device- BYOD) in order to verify their security levels (use of anti-virus software, updates to the operating system and encryption systems)
  • 29. 29 Security of The Digital Natives Awareness Responsibility Response Ethics Democracy Risk assessment Proposed Solutions and Initiatives Security design and implementation Security management Reassessment
  • 31. 31 Security of The Digital Natives When asked to evaluate their knowledge of mobile security issues, on a scale from 1 to 10, a significantly high percentage of the respondents (55%) graded themselves between 6 and 8. This, however, contrasts with the average percentage of “correct” technical answers of the questionnaire, which was 29%. This discrepancy between perceived knowledge and actual knowledge conveyed through answers to technical questions, was confirmed by the different levels of confidence at the beginning and at the end of the survey. After going through the security questions in the survey, the confidence of university students on their level knowledge falls from 82% of respondents evaluating their confidence above 6 before the survey, to 66% at the end. The possibility of a potential bias induced by the Dunning-Kruger effect should be taken into consideration, which is a cognitive bias in which unskilled individuals suffer from illusory superiority, mistakenly rating their ability much higher than is accurate. This bias is attributed to a metacognitive inability of the unskilled to recognize their ineptitude. Awareness, knowledge and (false) perception
  • 32. 32 Security of The Digital Natives Habits and behaviors that may impact all security aspects, reflecting on all the threats. Habits that involve personal data and potential security and privacy threats. Habits that may have economic consequences (losses) for the individuals. General Identity Theft Economical Security ThreatsThreats that may arise from the students' behavior and habits
  • 33. 33 Security of The Digital Natives General Security Issues Which concerns how respondents behave with respect to software updates and application permissions 7% Of respondents perform regular updates to both mobile OS and apps 81 % Is the share of iOS devices in the wild outdated for longer than a year 4% of Android in the wild still run the 3 years old Gingerbread version 24% do not regularly update their mobile operating system (OS) or their mobile apps Oddly enough, presence in the market of old mobile OS versions, mainly related to Android phones, is still very high.
  • 34. 34 Security of The Digital Natives General Security Issues Which concerns how respondents behave with respect to software updates and application permissions 53,8% 25,5% 20,7% Moving to the installation and usage of apps, almost 54% of the respondents never or rarely check the permissions apps require. Such behavior is a dangerous trend that needs to be addressed: overlooking the privileges an app requires increases the proliferation of malware, since users will install and click on “YES” on anything
  • 35. 35 Security of The Digital Natives of users store their Address Book on their phones equiping it with personal photos and videos96% just 25% of responders regularly log out when done using an app 25% do not use any lock mechanism to prevent non-authorized access to the device 40% claimed to forsake the security features in order to maintain easy access to the device 52 % Identity Theft
  • 36. 36 Security of The Digital Natives It appears that users very often do not check the permissions required by the apps. This may be due to the fact that on some mobile platforms (Android, Windows Phone) permissions are granted in an “all or nothing” form. This is a dangerous model that trains people to overlook permissions, because they want to install that application not matter what the requisites are. This result becomes more worrisome if linked with the fact that 17% of the respondents install mobile applications from untrusted sources other than the official application markets. These two results together support the proliferation of mobile malware and particularly of the category of “toll fraud”, where the application silently subscribes the user to premium-rate SMS services. Economical Threats & the risk of mobile malware
  • 37. 37 Security of The Digital Natives What about Secure Development? 8,5% 40,1% 28,2% Among the respondents who declared to develop mobile applications (either for fun or profit), only 28% was following the guidelines for secure mobile programming. 23,2%
  • 38. 38 Security of The Digital Natives From the questionnaire emerged that the respondents are inclined to regularly update their devices. We can infer from this that they are conscious of the importance of software updates, but also that the procedures to update mobile devices and apps are considerably more intuitive than they used to be in the “desktop” environment. However, this result appears to be in contrast with a some worrisome statistics concerning the number of mobile devices running outdated OSs. The reason of this, we can argue, is that the responsibility of this lies on reasons such as the market policies of carriers and manufacturers and, in the case of the Android platform, even in the extreme fragmentation of the market. Therefore a key role is played by vendors, who should be required to grant software updates for their products for a longer period of time . Proposed solutions and initiativesFrom a Manufacturers and Vendors perspective
  • 39. 39 Security of The Digital Natives Should allow users to install the applications without being obliged to accept all the permissions required. It has to be possible for users to revoke/grant any single permission at any time, without being compelled to reject the entire application Should provide, alongside the device reset functionalities, the possibility of removing the users’ private data stored within the installed applications in a centralized and straightforward way. Should deliver advanced solutions to ease password management. In fact, although most of the respondents (85%) agree and understand the importance of having a passlock mechanism in place, still most of them struggle to use them. Proposed solutions and initiativesFrom the Mobile Operating System perspective
  • 40. 40 Security of The Digital Natives Could enforce the use of (strong) passwords, imposing that advanced features of certain applications are enabled only if passwords have been properly configured. A similar approach could be adopted also to enforce the use of non rooted/jailbroken devices. Should be liable in case the application does not implement the security mechanisms required to ensure the adequate storage and transmission of the users’ data. Policies, standards and laws should be introduced that establish the responsibility. Proposed solutions and initiativesFrom the mobile software development companies and individual developers perspective
  • 41. 41 Security of The Digital Natives Contact Us facebook.com/techandlawcenterinfo@techandlaw.net twitter.com/techlawcenter Tech and Law Center www.techandlaw.net