McAfee announced findings from new research that reveals that mobile device manufacturers are not only experiencing more mobile security issues than ever before but are also spending more time and money on recovering from security incidents.
In its third annual report into the mobile ecosystem, McAfee explores manufacturers’ security experiences, their concerns and priorities and their approaches to the major future security challenges. The findings indicate that security is proving a barrier to service innovation and the development of new business models.
Key findings from the McAfee Mobile Security Report 2009 include:
- Half of all global manufacturers reported mobile malware infections, voice and spam attacks, third party application problems or incidents that caused network capacity issues
- Almost half (48%) of manufacturers agreed that the cost related to patching and fixing affected devices had significantly impacted their business
- Concern over the security of mobile device functions is high; 81% of manufacturers are worried about mobile payments; 69% are not convinced by the safety of installing applications and 66% are concerned about devices’ WiFi and Bluetooth connectivity
- Three quarters (75%) agree that carriers and manufacturers should carry the cost of security and only 12% think that users should be involved with handling security measures.
Widespread increase of incidents
Despite manufacturers’ attempts to lock down security, evidence shows that security issues are growing in diversity and sophistication. Overall, there has been a dramatic upswing in the number of incidents across all the major threat categories – including exploits that affected manufacturers’ device functionality, users’ privacy and even network or service capacity – in many cases by more than double over the last year. More than 40% of manufacturers also reported that they had experienced security threats across the complete range of the most common mobile security threats.
Supported by almost all mobile devices, voice or text spam attacks have hit the greatest number of devices (in 2008 incidents affecting > 1 million devices were reported by 17% of manufacturers), but there has also been a considerable rise in the number of issues with third party applications and content with prematurely released applications causing severe network capacity issues or crashing and locking devices altogether.
Impact on cost and future functionality
Recent experiences have demonstrated how costly and complex security issues can be for manufacturers, not only in terms of immediate bottom line but also in relation to the longer term hit to reputation. Almost half (48%) of manufacturers highlighted that patching and fixing devices is an expensive business, 36% stated that security incidents have had a negative impact on their brand or public relations and almost a third again (32%) said that security problems have prompted a significant loss in credibility or user satisfaction. In parallel, as security issues continue to grow, so too do concerns surrounding the development of new services and functionality predicted to generate future revenue streams.
Stepping up security
As such, more than 70% of manufacturers agree that addressing mobile security is critical as they look to the future and are taking control of device protection measures. Three-quarters believe that the cost of security should be borne by carrier/service providers (44%) and by manufacturers (31%) rather than by the user and more than two thirds of mobile manufacturing companies (69%) believe that device integrated security is the most effective and efficient way to protect devices.
The research was conducted by Informa Telecoms and Media and incorporated over 30 international mobile device manufacturers.