"This is not a phase that a generation will grow out of," said Kevin Bocek. "This is an evolution in the way business is architected and run. Gartner refers to this change brought on in part by Gen Y and by social, mobile, and cloud as 'The Nexus of Forces.' These are unstoppable forces that are changing IT forever."
Guy Helmer's advice is to work with it, rather than try to stop it.
"In many instances, security incidents have occurred because tech-savvy employees find a work-around that will enable them to do their work," he said. "A good example is an employee using a cloud-based service like DropBox to share large files that are difficult to email or access on the network remotely. IT needs to approach the situation as an enabler, not an enforcer."
SpectorSoft's Mike Tierney said companies need to, "establish what is, and isn't, acceptable when it comes to data security," and communicate that clearly to their employees.
"There's an adage I read a few weeks back that puts it in context: 'What you allow, will continue,'" he said.
That, he said, leads to two options: "One is to lock it down --companies will have to choose security over productivity and keep employees actions within the confines of security policy. The other is to allow a more open environment, but only on devices where the company can monitor usage and be notified when someone goes outside the boundaries of what's acceptable," he said.
"In either case, the onus is on the company to do all the work," he added.
Kyrk Storer, an account supervisor at HORN and also part of Gen Y, said clarity from employers would help. Since technology is an everyday thing and security risks "rarely cross our mind," it would help to have, "clear explanation on the part of the employer when we start our careers," about security policy.
Mike Denning, senior vice president and general manager of the Security business at CA Technologies, says being tech-savvy can be a security asset.
"From growing up in a world full of cyber-security risks, they often have a better intuitive sense of which actions are risky and which are not. For them, it has become second nature to not open email attachments from untrusted sources or to download risky applications."
But, he adds, "BYOD -- the blending of work and personal on the same device, and being active on social networks -- is a way of life. You don't grow out of it, nor should you, but you do need to protect and manage and operate smartly.
Sign up for CIO Asia eNewsletters.