Corporations ‘not prepared’ for mobile breach

Corporations 'not prepared' for mobile breach

‘Security professionals identified the risk of mobile devices, but focus and resources assignment seem to be waiting for actual catastrophes to validate the need to properly prepare their defences. It’s unfortunate that so many companies have not learned from the past and are doomed to repeat wasted costs and the customer outrage of being breached’

Nearly two-thirds (64%) of respondents stated they are doubtful that their organisations can defend against a mobile cyber attack, according to a survey from Check Point and Dimensional Research.

Security breaches are a growing concern for organisations and the increasing use of mobile devices at work only increases the threat. Indeed, 20% of respondents stated their company has already experienced a security breach on its mobile devices, and a further 24% did not know if their company’s mobiles had been breached.

The survey showed that 94% of security professionals expect the frequency of mobile attacks to increase rapidly over the next year. However, just 38% of respondents stated their organisations use a mobile security solution other than mobile device management or enterprise mobile management to protect against attacks. The issue needs to be addressed at boardroom level.

>See also: 3 pre-breach remedies in the age of the cyber attack

A total of 410 participants who have security leadership or frontline responsibilities completed the global survey, representing the full spectrum of job responsibilities and company sizes.

It revealed that malware is the most common type of mobile attack, with 58% of respondents having seen malware attacks against company mobile devices. A further 54% have seen SMS phishing exploits, and 54% have seen network attacks from WiFi or man-in-the-middle exploits, while 41% had seen mobile credential theft and key logging exploits.

Mobile breaches are costly

37% of respondents said that the cost of a mobile device breach to their organisation would be over $100,000, and 23% said it would cost over $500,000.

These are similar to the estimated costs of a breach from a conventional desktop or laptop PC , highlighting how much sensitive data is stored on mobile devices, and the ease of access they offer to corporate resources.

>See also: Mobile devices are hindering IT departments and costing companies

Lack of resources is a barrier to mobile device cyber attack protection. Over 60% of respondents cited a lack of resources (either budget or personnel) as the main reason for not deploying a mobile device security solution. However, 62% of companies are allocating more resources to mobile security initiatives compared to previous years.

“The research consistently revealed that the overall focus and preparedness of security for mobile devices is severely lacking,” said David Gehringer, principal of Dimensional Research.

“Security professionals identified the risk of mobile devices, but focus and resources assignment seem to be waiting for actual catastrophes to validate the need to properly prepare their defences. It’s unfortunate that so many companies have not learned from the past and are doomed to repeat wasted costs and the customer outrage of being breached.”

[“Source-information”]