According to the results of Kaspersky Lab's Global Corporate IT Security Risks: 2013 [PDF] study, conducted by B2B International in collaboration with Kaspersky Lab, only 14 percent of companies have a fully developed mobile device security policy in place for their corporate networks.

Still, 6 percent of respondents said mobile devices had been the source of at least one leak of confidential data over the past 12 months -- that's more than phishing attacks (5 percent), employee fraud (4 percent), or corporate espionage (3 percent).

Much of that is tied to the increasing implementation of bring-your-own-device (BYOD) policies -- while almost 65 percent of survey respondents said the BYOD environment is a growing threat to the security of corporate IT infrastructures, almost 64 percent said they have no plans to impose any restrictive policies on mobile devices.

While 41 percent of survey participants said they have a mobile device security policy that's not fully developed, 32 percent plan to roll one out in the future, and 13 percent don't have a policy and don't plan to develop one.

"At the same time, almost half (48 percent) of those who said they had security policies for mobile devices added that the budget increases provided in order to implement such policies had not be sufficient and another 16 percent stated that no extra budget had been available at all," the report [PDF] states.