Growing mobile cybersecurity incidents spur plans for increased security investment

A majority of RSA attendees plan to spend more on mobile security in the coming year, Lookout has discovered.

Since critical data has moved to the cloud, employees are able to access it from any network, wherever they are in the world. In fact, 76 percent of the 100 polled RSA Conference attendees access corporate data from personal mobile devices and/or public WiFi networks, according to the results of the Lookout Post-Perimeter Security Survey.

Key findings from the survey include:

• Growing mobile cybersecurity incidents — 1 in 10 RSA attendees report that their organization has experienced a mobile cybersecurity incident or breach in the past 12 months; however, according to the Verizon Mobile Security Index 2019 (MSI), 1 in 3 companies admitted they’d suffered a compromise in which a mobile device played a role. In fact, according to the Verizon report, the number of companies admitting they’d suffered a compromise in which a mobile device played a role went up from 27% in the 2018 report to 33% this time around.
• Increasing mobile security investment — 52 percent of RSA attendees plan to increase their mobile security spend in the next 12 months, underscoring a growing awareness of mobile security risk.
• Mobile security habits — 76 percent of RSA attendees have accessed their corporate network, corporate email or corporate cloud services from a personally-owned mobile device or tablet. Additionally, 76 percent of RSA attendees have accessed their corporate network, corporate email or corporate cloud services from a public WiFi network, such as a coffee shop, airport or hotel. Mixing personal and public environments with corporate data can be a source of significant security risk and is responsible for the erosion of traditional network perimeter security.
• Focus on securing connections to corporate email, messaging apps and storage — Most commonly, RSA attendees reported using their mobile devices to access corporate email (85%), messaging, such as Slack (53%), and storage services, such as Google Drive or Box (43%).

“Mobility, SaaS and cloud computing are enabling end users to access corporate data from any device and any location, rendering traditional perimeter security ineffective,” said Santosh Krishnan, Chief Product Officer, Lookout.

“So it is not surprising that, in this post-perimeter era, an overwhelming majority of respondents have accessed corporate data from personal mobile devices or through public WiFi networks. This is concerning, as attacks, like phishing, have evolved to take advantage of the fact that existing perimeter protections no longer have visibility into user traffic. Enterprises need to adopt a post-perimeter security architecture to secure access to their corporate data.”