A small survey by a global communications firm has some indicators of the worsened risk environment to raise alarm bells
The traditional 9-to-5 in-office workday has been shifting to an always-on hybrid or remote-working world. With the increase in hours, locations and devices comes an increase in vulnerability for firms bracing against ubiquitous cyberattacks and state-sponsored espionage.
Based on an Apr 2022 independent survey of 632 professionals responsible for security strategy, policy, and management (who do the buying, managing, and security of mobile and Internet of Things devices for their firms), some recent trends in the mobile security landscape have been observed.
Some of the survey findings include:
- A 22% year-over-year increase in major cyberattacks in the last year that involved a mobile/IoT device was found in the data.
- 85% of respondents indicated that they had a budget dedicated to mobile security.
- 79% of respondents agreed to prompts that the recent changes to working practices had “adversely affected” their organizations’ level of cybersecurity. At the same time, 85% indicated that home Wi-Fi and cellular networks/hotspots were allowed or there was no policy against them, while 68% indicated that their firm allowed or had no policy against the use of public Wi-Fi.
- 64% of respondents indicated their view that public awareness of cybersecurity risks will increase in the future: 66% of respondents indicated that they had previously come under pressure to sacrifice mobile-device security “to get the job done,” and 52% indicated that they had succumbed to that pressure.
- In the business sectors, the following trends were observed:
- 23% of enterprise-firm respondents indicated they had suffered a mobile security compromise. Of those, 74% indicated the impact of the mobile security compromise was major, and 34% indicated that such compromises had “lasting repercussions”. Additionally, 81% of enterprise respondents indicated that their mobile device security spend had increased over the past year and 76% believed this will increase in the near future.
- 88% of retail respondents were concerned that a mobile security breach could have a lasting impact on their brand or customer loyalty. Some 70% indicated that increased mobile use was essential to staying relevant to consumers, while 41% indicated that this had presented a daunting security challenge.
- 93% of respondents in financial services indicated that they believed cybercriminals saw their sector as a more lucrative target than other industries.
- 87% of healthcare organizations in the survey were concerned that their highly confidential patient data made them a target for cybercriminals, and 85% indicating they were concerned that a security breach could compromise patient care. Some 76% agreed to prompting that the adoption of telehealth presented them with an opportunity to improve patient care.
- 79% of respondents in manufacturing/construction/transportation believed a mobile security compromise could disrupt their entire supply chain, resulting in serious financial implications, with 76% agreeing to prompts that the adoption of mobile-based services by shop floor workers was essential to improving productivity.
- 87% of public sector and education respondents indicated that employee expectations for remote/flexible working were forcing them to re-evaluate how they operate, with 72% agreeing to prompts that the increased use of mobile-based services by public sector employees was essential to accelerating the digital transformation of public services.
- In the consumer/end-user sector, unwanted phone calls and spam text messages posed a real threat to mobile device owners. Between May and June 2022, Verizon Communications, the firm producing the survey data, had identified or blocked 2.5bn unwanted calls for wireless customers, detecting more than 26.5bn spam calls to date. On a daily basis, Verizon blocks tens of millions of spam text messages and classifies millions of voice calls as either Verified or SPAM.
Said Sampath Sowmyanarayan, CEO, Verizon Business: “For businesses, regardless of industry, size, or location on a map, downtime is money lost. Compromised data is trust lost, and those moments, although not insurmountable, are tough to rebound from. Companies need to dedicate time and budget on their security architecture, especially when it comes to off-premise devices: otherwise they are leaving themselves vulnerable to cyber-threat actors.”
With the increase in remote work flexibility, meeting security has become an essential business priority. By protecting the privacy of customers and implementing standards-based security protocols including SIP, SRTP, TLS, and H. 323, firms can be proactive about video conferencing security and privacy, Sowmyanarayan noted.