64 Percent of Security Pros Can't Stop a Mobile Data Breach

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Sixty-four percent of security professionals doubt their organizations can prevent a breach to employees' mobile devices, a recent Dimensional Research survey [PDF] of 410 security leaders found.

The survey, sponsored by Check Point Software, also found that 20 percent of businesses have experienced a mobile breach, and another 24 percent don't know, or can't tell, whether they've experienced one.

Strikingly, 51 percent of respondents believe the risk of mobile data loss is equal to or greater than that for PCs.

"Perhaps the high level of concern is based on the frequency of mobile device loss or theft, as well as the limited security measures companies use to protect enterprise mobile devices," the report states.

Dedicated Mobile Security

More than a third of companies fail to secure mobile devices adequately, with only 38 percent leveraging a dedicated mobile security solution.

When asked why, 53 percent of respondents cited a lack of budget, and 41 percent cited a shortage of resources.

"The dichotomy of management trying to control costs and security professionals struggling with insufficient tools to repel attackers is not a new story line in most enterprises," the report notes. "Unfortunately, the story usually ends sadly with a huge, embarrassing event with the press blazing headlines of a costly hack and the company suffering brand damage and loss of customer confidence."

Ninety-four percent of respondents expect the frequency of mobile attacks to increase, and 79 percent expect the difficulty of securing mobile devices to grow.

More than 20 percent of respondents said a mobile breach could cost their company most than $500,000, and 11 percent said it could cost more than $1 million.

Waiting for Catastrophes

"The research consistently revealed that the overall focus and preparedness of security for mobile devices is severely lacking," Dimensional Research principal David Gehringer said in a statement.

"Security professionals identified the risk of mobile devices, but focus and resources assignment seem to be waiting for actual catastrophes to validate the need to properly prepare their defenses," Gehringer added. "It's unfortunate that so many companies have not learned from the past and are doomed to repeat wasted costs and the customer outrage of being breached."

Separately, a CITO Research survey of more than 100 mobility professionals found that 57 percent of respondents are concerned about corporate data on personal and other non-managed devices. That's an increase of 13 percent over a similar survey in 2016.

The survey, sponsored by Apperian, also found that 45 percent of respondents are concerned about addressing BYOD, contracted workers, or other users in the extended enterprise, a 14 percent increase over 2016.