More than half of global businesses admitted that it is not possible to be prepared for all of the tactics and strategies used by attackers targeting mobile devices. For its report ‘Menlo Security Mobile Risk 2021 Report’, Menlo Security surveyed more than 600 information technology (IT) decision makers across the UK, US, and Australia, including chief information officers (CIO) and chief information security officers (CISO). According to the report more than a third of UK businesses claimed that it is impossible to keep up with the pace of these attacks.
The survey also found that three quarters of IT decision makers believe their organisations are more vulnerable to mobile cyberattacks than ever before. Of global respondents, 73 per cent believed that end users are now more susceptible to cyberattacks on mobile devices than they were five years ago. The survey also found that 76 per cent of respondents feel that they are more vulnerable to mobile attacks than a year ago following the shift to remote and hybrid work environments.
“Although many organisations are confident in their ability to identify and prevent mobile attacks, often this is just overconfidence in solutions that are not able to provide 100 per cent protection against the latest waves of socially engineered attacks, such as phishing and smishing or zero days,” Mark Guntrip, senior director of cybersecurity strategy for Menlo Security, said. “Even experienced professionals can fall victim to these attacks, the only way to truly prevent them in the first place is through isolation.”
Global IT decision makers also acknowledged that 71 per cent of them had experienced phishing attacks. Although a majority of respondents admitted they are either more susceptible to mobile attacks or they have already encountered one, a surprisingly high percentage still felt confident in the ability of their organisation to both identify and prevent them. Although mobile devices often make it difficult to identify the telltale signs of malicious emails or links, 88 per cent still believe in their ability to identify them and 84 per cent trust in their ability to prevent them.
“Threat actors are always looking for the path of least resistance and given the large number of organisations and employees who are still working remotely, mobile devices have entered into the centre of attackers’ crosshairs,” Guntrip added. “Unfortunately, mobile security has often been an afterthought for enterprise security strategies. Today’s businesses must rethink how they are safeguarding their networks and what avenues are most susceptible to threats in the remote work landscape.”
The survey also inquired about the strategies that are most often used by organisations in the UK, US and Australia, finding that isolation adoption hovers around 40 per cent, lagging behind more traditional methods, such as mobile device management, and data loss protection, leaving a majority of organisations at risk of attack. Just four per cent globally had no solutions in place yet.