Don’t Claim to Be Aware of Cybersecurity and Fail to Secure 60% of Your Endpoints

Welcome to Cybersecurity Awareness Month.

While this month traditionally is more targeted at consumers, October is a great opportunity for all of us to step back and think about modern workflows and who is and how we are accessing our corporate data.

Here at Zimperium, we assume most of our readers are aware that a) cybersecurity exists and b) a strong cybersecurity strategy is more important than ever.  But it never hurts to review the most recent strategies and approaches that are keeping us all safe from the ever-evolving threat landscape.

Over the course of the month, we will continue to drive the overall awareness by providing context around why, specifically, mobile security needs to be front and center for your organization’s security strategy.

To kick things off, let’s discuss why in 2021, mobile security needs a bigger seat at the cybersecurity table.

Mobile devices, both corporate-owned and bring your own device (BYOD), are now the dominant productivity platform in any enterprise organization: 60% of enterprise endpoints are mobile (Source: https://www.microsoft.com/security/blog/2020/04/07/mobile-security-60-percent-problem/). You probably don’t want 60% of your enterprise endpoints to be an afterthought.

Let’s now layer some complexity onto this foundational fact:

  • 67% of employees use personal devices at work. (Source: CBS News)
  • 96% of companies with bring-your-own-device (BYOD) policies say the number of personal devices, connecting to corporate networks is growing. (Source: Dimensional Research)
  • Employees access an average of 5.2 mobile business apps daily. (Source: Syntonic)
  • In 2020, the average smartphone user had 40 apps installed on their mobile phone. (Source: TechJury)

But all of this should be fine because as we all know mobile phones are more secure than most traditional endpoints, right?

Wrong.

For the sake of time and space, let’s dive deeper into the mobile device side and save the mobile application security discussion for our next edition in the series.

Mobile devices are under-protected and disproportionately targeted despite the fact all the methods and strategies hackers use on traditional endpoints apply to mobile devices. These devices operate extensively outside of corporate firewalls, in the hands of users who may not prioritize precautions like vetting Wi-Fi networks or keeping their devices patched and updated. Mobile often represents a wandering corporate data repository. That’s why Zimperium detects an average of 600 million threat events involving enterprise mobile devices daily. 

Despite inadequate protection, mobile devices have inherent characteristics creating a larger attack surface than traditional endpoints. Cybercriminals can attack mobile devices from a variety of different threat vectors.

Suppose 60% of your enterprise-connected endpoints lack adequate management and security. Your organization cannot possibly succeed with fulfilling the expansive requirements of security frameworks such as Zero Trust, which is exactly the mandate that many multinational organizations and government agencies are being handed.

So what’s the path forward at this moment in time for enterprises looking to provide coverage for their mobile attack surface?

Modern enterprise mobile security solutions must meet two equally important criteria in order to meet the current and ongoing challenges presented by mobile devices:

  1. They need an advanced technology solution that leverages machine learning to protect against device, network, application and phishing attacks
  2. They need a solution that fits into their existing security ecosystem integrating with the EPP, UEM and EDR environment to provide complete visibility

Ultimately, enterprises need to adopt a security solution that incorporates the data, control, and coverage needed for the distributed workforce while supporting current security workflows.

It is time to maintain visibility and secure all of the endpoints connected to enterprise systems, not just the 40% comprised of laptops, desktop computers, and servers. Stick with us throughout the month for more on why mobile security is critical to an enterprise’s overall security posture.

Interested in learning more? Check out some of our recent and popular coverage of mobile threat research and mobile security trends:

About Zimperium

Zimperium, the global leader in mobile security, offers the only real-time, on-device, machine learning-based protection against Android, iOS, and Chromebook threats. Powered by z9, Zimperium provides protection against device, network, phishing, and malicious app attacks. For more information or to schedule a demo, contact us today.

The post Don’t Claim to Be Aware of Cybersecurity and Fail to Secure 60% of Your Endpoints appeared first on Zimperium Mobile Security Blog.

%post_title%

Source

Related Articles

Best of Both Worlds: Integrating Zimperium Mobile Threat Data into Microsoft Sentinel Cloud-Native SIEM

While leading organizations are actively protecting mobile endpoints, security teams haven’t had clean and scalable ways to integrate and correlate threat data with other parts of the security infrastructure. But that is changing. I recently hosted a webinar with David Branscome, Senior Cloud Solutions Architect, Microsoft and our very own Kern Smith, Vice President of … Read More

The post Best of Both Worlds: Integrating Zimperium Mobile Threat Data into Microsoft Sentinel Cloud-Native SIEM appeared first on Zimperium Mobile Security Blog.

GriftHorse Android Trojan Steals Millions from Over 10 Million Victims Globally

Research and writeup by Aazim Yaswant and Nipun Gupta With the increase of mobile device use in everyday life, it is no surprise to see cybercriminals targeting these endpoints for financial crimes. Zimperium zLabs recently discovered an aggressive mobile premium services campaign with upwards of 10 million victims globally, and […]

The post GriftHorse Android Trojan Steals Millions from Over 10 Million Victims Globally appeared first on Zimperium Mobile Security Blog.

Let’s Protect More than 40% of our Endpoints

Imagine finding out your most recent departmental budget was only 40% of what it should be. If you’re like me, you’d get a strong feeling that “something is missing and it’s a real disaster.” Well, here’s the thing. If you’re a CISO – or if your job involves information security in general – you should … Read More

The post Let’s Protect More than 40% of our Endpoints appeared first on Zimperium Mobile Security Blog.

The President’s Executive Order on Cybersecurity is a Massive Shift for Security

The latest ransomware attack on Colonial Pipeline highlights the worst secret in cybersecurity; our nation’s critical infrastructure is not prepared to stand up against the modern cyber threats. Systems like these have been the target for attacks from domestic and foreign cybercriminals for years. These groups are armed with the latest and most effective zero-day … Read More

The post The President’s Executive Order on Cybersecurity is a Massive Shift for Security appeared first on Zimperium Mobile Security Blog.