Mobile threat defense is a comprehensive approach that combines management of vulnerability, detection of anomalies, intrusion prevention, behavior profiling, host firewalling, and other techniques to defend mobile devices and applications against security breaches.
Mobile security must take into account the blurring of today’s enterprise security boundaries.
The importance of mobile security in today’s business world cannot be overstated. Business-assigned devices and BYO devices face many potential threats:
- Physical threats (due to their inherent portability)
- Network threats (since mobile devices connect to far more networks than PCs)
- Malware – a particular threat on BYO devices
- App vulnerabilities due to the rapid pace of mobile innovation
- Threats we don’t know about yet
Following are 10 key stats and trends on mobile threat defense, and every business should be familiar with them.
1. It Takes Way Too Long to Discover Security Breaches
You might think mobile security incidents are picked up quickly but that is definitely not always the case. It can take months for organizations to discover a breach, and that discovery may come from someone outside the company who notifies them that data has been leaked.
2. Android Devices Are Disproportionately Targeted
The overwhelming majority of all mobile malware targets are Android OS devices. Java compromises, Flash exploits, and PDF issues lead the threats. Mobile threat defense is critical with all devices, but currently Androids are much more heavily targeted than iOS devices.
3. Most Malware Is Home-Grown
Where does most malware come from? Mostly from within the United States. Microsoft reports that most malware is hosted on data center servers, and the majority of them are located within the United States. Mobile threat defense must monitor domestic threats.
4. Layers: Not Just Appropriate for Cold Weather
The traditional enterprise security parameter is no longer a well-defined line. Therefore, businesses must use diverse and layered security that includes end-users and the devices they use for work, whether company-assigned or BYOD.
5. Attacks Don’t Just Come from Teens in Basements
Malware attacks are increasingly motivated by politics and ideology. State-sponsored industrial espionage, ransomware, and DDoS attacks are increasingly promulgated by political and ideological groups, such as the Syrian Electronic Army.
6. Attackers Are Often Better at Sharing Information Than Defenders Are
Sharing mobile threat defense information can help companies protect themselves better.
Many organizations and businesses measure security and collect data, but they don’t always share it with others. However, attackers appear to be committed to sharing information amongst themselves. Strategic sharing can help defenders increase security while minimizing risk.
7. Many IT Departments Are Run Too Lean
Continually trying to cut operational costs by running IT departments perilously lean eventually backfires. Unfortunately, mobile security (and IT security in general) is time-intensive, and there simply aren’t a lot of shortcuts. Mobile threat defense is an important investment.
8. Mobile Malware Is Going Where the Money Is
The number of malware installation packages has increased significantly in 2015, and data from Kaspersky indicates that much of this new malware is moving toward monetization, including banker Trojans and ransomware Trojans.
9. Mobile Threats Have Been Compared to Ebola
In 2014, fewer than 1% of Android devices were infected with mobile malware. However, when mobile security is compromised, the results can be disastrous. Some have compared it with Ebola, noting that risk is limited, but malware can be tremendously harmful when it strikes.
10. Mobile Devices, in Particular, Are Seen as a Weak Link
Smartphones and tablets are perceived as the weakest link in IT security, with most users operating three or four devices on a daily basis. More than half of respondents to the 2015 Cyberthreats Defense Report said they experienced more mobile threats in 2015 than 2014.
Control and Visibility Are Keys to Mobile Threat Defense
Real mobile security requires mobile threat defense based on the assessment of risks, knowledge of the current state of the risk environment, and access to multiple tools that protect apps, devices, and data. If you are interested in learning about the risks your organization faces and how to plan a strong mobile threat defense strategy, you can request a free trial of Skycure Enterprise Edition and start toward a more secure mobile future today.