By Louis Columbus,
- 84% of enterprises said that their reliance on data stored in the cloud is growing, making mobile device security a strategic priority.
- 54% of enterprises are less confident about the security of their mobile devices than that of their other systems.
- 45% of enterprises said that their defenses are falling behind attackers’ capabilities.
- According to MobileIron, 31% of devices were found to harbor known threats today.
- 21% of enterprises who have been compromised said that a rogue or unapproved application had contributed to the incident.
These and many other fascinating findings are from the Verizon’s Mobile Security Index (MSI) 2020, downloadable here (70 pp., PDF, opt-in). Verizon’s latest Mobile Security Index relied on MobileIron’s Threat Defense installed base for aggregate data from mobile devices that have threat detection activated. Taking this approach enabled Verizon to discover malware and man-in-the-middle (MitM) attacks were top threat vectors in 2019. Since the Index began in 2018, there’s been a 41% increase in companies reporting they have been comprised via mobile devices. According to the U.S. Secret Service, who contributed to this year’s report, the average loss from a bank robbery is about $3,000, while the average loss from a successful business-email compromise attack is nearly $130,000. The Index is based on interviews with 876 professionals responsible for buying, managing, and securing mobile devices. Please see page 63 of the study for more details on the methodology.
Mobile-Centric Zero Trust Needs To Be the First Line Of Defense
Cyberattackers are opportunistic and quick to take advantage of security gaps in mobile device applications, connections, and platforms. Based on the insights provided in the Index and lessons learned from speaking with CISOs and IT leaders at RSA Conference 2020 on San Francisco, it’s clear that organizations could benefit from a more agile, adaptive approach to mobile-centric zero-trust security. To learn more about how zero trust works, be sure to watch Forrester Principal Analyst Dr. Chase Cunningham’s excellent video, Zero Trust, in Practice here.
The Imminent Cloud War Isn’t About Market Share
Dr. Cunningham’s video and ongoing thought leadership and the latest Verizon Index both underscore how vulnerable mobile apps, devices, and platforms are to attacks. Hackers are successfully weaponizing mobile devices against enterprises with the goal of exfiltrating confidential corporate data using a variety of techniques, including MitM attacks. The study also found that public WiFi networks are 94.7x riskier to use than secured corporate WiFi networks.
Organizations need to take a mobile-centric zero-trust approach that is adaptive and agile enough to flex as their business changes over time. The sooner every organization realizes that mobile identities are the new security perimeter, the more effectively they will be able to protect company data wherever it travels. They’ll also be able to help users comply with company security policies and local regulations.