The third annual Verizon Mobile Security Index finds that a large number organizations are still compromising mobile security to get things done, which can leave entities at risk. About four out of 10 respondents (43 percent) reported their organization had sacrificed mobile security in the past year. Those that did were twice as likely to suffer a compromise.
In fact, the study found that 39 percent of respondents reported having a mobile-security-related compromise. Sixty-six percent of organizations that suffered a compromise called the impact “major,” and 55 percent said the compromise they experienced had lasting repercussions.
“In today’s world, mobile connectivity is more important than ever. Organizations of all sizes and in all industries rely on mobile devices to run much of the day to day operations, so mobile security is a priority,” said Bryan Sartin, executive director, global security services with Verizon. “The types of devices, diverse applications and further emergence of IoT devices further complicate security. Everyone has to be deliberate and diligent about mobile security to protect themselves and their customers.”
Because mobile attacks aren’t industry specific, this year’s Verizon Mobile Security Index 2020 features supplemental vertical reports in key segments including: financial services; healthcare; manufacturing; public sector; retail and small and medium business. The report also discusses the importance of mobile security in pivotal technologies like cloud and IoT and how the emergence of 5G will impact security. And with 80 percent of organizations saying that mobile will be their primary means of accessing cloud services within five years, now is the time to hone in on mobile security.
The obvious question is: what should organizations do? The report highlights users, apps, devices and networks as the four key mobile attack vectors. The report includes a number of tips on how organizations can safeguard against mobile security threats, including establishing a “security-first” focus, developing and enforcing policies and encrypting data over unsecured networks.