The new report, titled Top Mobile Threats, is a result of a survey of more than 200 enterprise participants representing 26 countries globally. The survey serves as an important first step in a larger effort to provide industry guidance on where enterprises should place their resources and focus when it comes to addressing mobile security threats.
“Personally owned mobile devices are increasingly being used to access employers’ systems and cloud-hosted data, both via browser-based and native mobile applications. This without a doubt is a tremendous concern for enterprises worldwide, “ said John Yeoh, Research Analyst for the Cloud Security Alliance. “The results of this research will play an important role as we set out to develop much needed guidance on where time, talent and money should be placed when it comes to addressing mobile security threats.”
Rank of top mobile threats:
- Data loss from lost, stolen or decommissioned devices
- Information-stealing mobile malware
- Data loss and data leakage through poorly written third-party applications
- Vulnerabilities within devices, OS, design and third-party applications. Insecure Wifi network or rogue access points
- Insecure WiFi, network access and rogue access points.
- Insecure or rogue marketplaces
- Insufficient management tools, capabilities and access to APIs (includes personas).
- NFC and proximity-based hacking.
The results in the Top Threats to Mobile Computing report, which focused on those threats posed by smartphones and tablets, are intended to aid information security professionals and educate the industry about security concerns. In addition to identifying top threats, respondents also indicated a couple of additional concerns with 64 percent of respondents believing that NFC and proximity-based hacking will happen in 2013. Also 81 percent of respondents believe that insecure WiFi and rogue access points are already happening today. This is of particular concern as the proliferation of mobile devices consequently increases the use of and reliance on WiFi networks.
"The CSA Mobile Working Group findings highlight the threats that experts in the field find to be the most critical. There are few stronger indications of where we should be focused that that,” said Dan Hubbard, CTO of OpenDNS. "As we move further into an era where mobile computing is ubiquitous, we're seeing an entirely new threat landscape that involves newer concerns like lost devices and rogue marketplaces, but also a heightened level of concern over insecure public WiFi as we rely more and more on access as we travel."