Most Businesses Totally Unprepared for Mobile Attacks
Mobile devices represent a gaping hole in the cybersecurity armor of most businesses, because they simply aren’t preparing for mobile breaches.
A research report from Dimensional Research sponsored by Check Point finds that IT pros are generally unprepared for mobile compromise, with nearly two-thirds (64%) of enterprise security professionals doubting their organizations can prevent a breach to employees’ devices.
Already, 20% of businesses have experienced a mobile breach, while 24% don’t know or can’t tell whether they’ve had one. Plus, more than 20% of the participants saying a mobile breach could cost a company more than $500,000, while a majority (94%) of those polled indicated that they expect the frequency and sophistication of mobile cyberattacks to grow.
Yet, businesses fail to allocate appropriate resources to protect against mobile attacks, despite the fact that more than half of respondents (51%) believe that the risk of data loss is equal to or greater than PCs, and potentially just as costly.
“The research consistently revealed that the overall focus and preparedness of security for mobile devices is severely lacking,” said David Gehringer, principal of Dimensional Research. “Security professionals identified the risk of mobile devices, but focus and resources assignment seem to be waiting for actual catastrophes to validate the need to properly prepare their defenses. It’s unfortunate that so many companies have not learned from the past and are doomed to repeat wasted costs and the customer outrage of being breached.”
The danger is real: For instance, when Check Point performed a mobile security check-ups at Samsung Research America, it was learned that 5% of 1,200 devices inspected were infected, either with credential stealers, keyloggers, unauthorized root kits, and mobile remote access Trojans, providing unlimited access to infected smartphones and tablets.
Over a third of companies fail to adequately secure mobile devices, with only 38% employing a dedicated mobile security solution, other than standard enterprise mobile management (EMM) platforms. There’s a risk of digging oneself even more into a hole without taking action: A full 79% say the difficulty of securing mobile devices will only grow.
Source: Information Security Magazine