Mobile malware? Other mobile security threats are more pressing. Every enterprise should have its eye on these eight issues.
Mobile security is at the top of every company’s worry list these days — and for good reason: Nearly all workers now routinely access corporate data from smartphones, a trend that’s grown even more prominent thanks to the ongoing global pandemic. The vast majority of devices interacting with corporate data are now mobile, in fact — some 60%, according to Zimperium — and that number is only bound to keep climbing as the world acclimates to our new remote-work reality.
All that means keeping sensitive information out of the wrong hands is an increasingly intricate puzzle. The stakes, suffice it to say, are higher than ever: The average cost of a corporate data breach is a whopping $3.86 million, according to a 2020 report by the Ponemon Institute. That’s 6.4% more than the estimated cost just three years earlier, and the nature of the pandemic is expected to bring that cost up further yet, given the extra challenges presented by the work-from-home arrangement.
While it’s easy to focus on the sensational subject of malware, the truth is that mobile malware infections are uncommon in the real world — with your odds of being infected significantly less than your odds of being struck by lightning, according to one memorable estimate. Malware ranks as one of the least common initial actions in data breach incidents, as noted by Verizon’s 2020 Data Breach Investigations Report. That’s thanks to both the nature of mobile malware and the inherent protections built into modern mobile operating systems.
The more realistic mobile security hazards lie in some often-underemphasized areas, all of which are only expected to become more pressing in the months ahead:
1. Social engineering
The tried-and-true tactic of trickery is more troubling than ever in light of the pandemic, and that’s especially true on the mobile front. Phishing attacks have increased six-fold since the start of COVID, according to Zimperium, and mobile devices are now the main target — with COVID-connected schemes, specifically, on the rise.
“[Scammers] know people are working from home and are spending more time on their mobile devices and are not taking the same precautions as they may on traditional computers,” says Nico Chiaraviglio, vice president of security research at Zimperium. “From an attacker’s perspective, it’s supply and demand.”
Think it couldn’t affect your company? Think again. A staggering 91% of cybercrime starts with email, according to a report by security firm FireEye. It refers to such incidents as “malware-less attacks,” since they rely on tactics like impersonation to trick people into clicking dangerous links or providing sensitive info. Phishing has been growing rapidly over the past few years, the company says, and mobile users are at the greatest risk of falling for it because of the way many mobile email clients display only a sender’s name — making it especially easy to spoof messages and trick a person into thinking an email is from someone they know or trust.
Continue Reading: https://www.csoonline.com/article/3241727/8-mobile-security-threats-you-should-take-seriously.html
