What you need to know:
Major attacks are on the rise—45% of companies surveyed suffered a compromise in the past 12 months, up 22% year over year
Seventy-nine percent (79%) of respondents agreed that recent changes to working practices have adversely affected their organization’s cybersecurity
Fifty-two percent (52%) of respondents said they have previously sacrificed the security of mobile devices, including IoT devices, to ‘get the job done’ (eg, meet a deadline or hit productivity targets)
Eighty-five percent (85%) of companies surveyed have a budget dedicated to mobile security
NEW YORK – The traditional 9-to-5 in-office workday has shifted to an always-on hybrid or remote working world. With the increase in hours, locations and devices comes an increase in vulnerability for companies protecting themselves from cyberattacks. The Verizon Mobile Security Index (MSI) 2022 reveals that there is a continued rise in major cyberattacks in the last year involving a mobile/IoT device, up 22% year-over-year, that resulted in data or system downtime. With 85% of companies surveyed stating that they now have a budget dedicated to mobile security, there has never been a more pressing need to apply those funds to cyberthreat mitigation.
“For businesses–regardless of industry, size, or location on a map–downtime is money lost. Compromised data is trust lost, and those moments, although not insurmountable, are tough to rebound from,” said Sampath Sowmyanarayan, CEO, Verizon Business. “Companies need to dedicate time and budget on their security architecture, especially when it comes to off-premise devices: otherwise they are leaving themselves vulnerable to cyber-threat actors.”
Security teams face an uphill battle as the number of devices and remote workers increase, so much so that 79% of respondents agreed that the recent changes to working practices have adversely affected their organizations’ cybersecurity. With the increased threat, it would seem that companies would double down on their policies. However, the findings point to the opposite, with 85% saying home Wi-Fi and cellular networks/hotspots are allowed or there is no policy against them, and 68% allow or have no policy against the use of public Wi-Fi.
Security mitigation should be a top priority
Awareness of the impact of a cyberattack is clear, with 64% of respondents saying that public awareness of cybersecurity risks will increase in the future. This is partly attributable to nearly two-thirds (66%) of companies stating that they had previously come under pressure to sacrifice mobile-device security “to get the job done,” with 52% succumbing to that pressure.
The MSI details four sectors of the mobile threat landscape: people and behaviors, apps, devices and things, and networks and cloud. Additionally, it provides expert insights into how to help safeguard against pending cybercrime attacks, such as establishing a “zero trust network access” (ZTNA) model and a secure access service edge (SASE) architecture, which are designed for a mobile-first and cloud-first world.
Impact across business sectors
The MSI highlights the impact of cybercrime on mobile security across various business sectors. Highlights are as follows:
Enterprise: 23% of respondents suffered a mobile security compromise. Of those, 74% said the impact of the mobile security compromise was major and over a third (34%) said it had lasting repercussions. Furthermore, four out of five (81%) organizations said their mobile device security spend increased over the past year and 76% believe it will increase over the coming year as well.
Retail: Almost nine out of 10 (88%) businesses are concerned that a mobile security breach could have a lasting impact on their brand or customer loyalty. However, 70% said that increased mobile use is essential to staying relevant to consumers, while 41% said this presented a daunting security challenge.
Financial Services: More than nine out of ten (93%) executives believe cybercriminals see their sector as a more lucrative target than other industries.
Healthcare: Nearly nine out of ten (87%) healthcare organizations are concerned that the highly confidential nature of patient data makes them a target for cybercriminals and 85% say they are concerned that a security breach could compromise patient care. Conversely, three out of four (76%) organizations agree that the adoption of telehealth presents healthcare providers with a great opportunity to improve patient care.
Manufacturing, construction, and transportation: Four out of five (79%) believe a mobile security compromise could disrupt their entire supply chain, resulting in serious financial implications. However, 76% of organizations agree that the adoption of mobile-based services by shop floor workers is essential to improving productivity.
Public Sector and Education: Almost nine out of ten (87%) said that employee expectations for remote/flexible working are forcing them to re-evaluate how they operate. Another 72% of respondents agreed that the increased use of mobile-based services by public sector employees is essential to accelerating the digital transformation of public services.
Beyond the Index
As with the business sector, cyber threat actors are also targeting consumers. Unwanted calls and spam text messages pose a real threat to mobile device owners, which makes being vigilant and having security measures in place that much more important.
From May to June 2022 alone, with the use of STIR/SHAKEN, Call Filter and additional tools, Verizon identified or blocked 2.5 billion unwanted calls for wireless customers – detecting more than 26.5 billion spam calls to date. On a daily basis, Verizon blocks tens of millions of spam text messages on behalf of customers and labels 1.2M calls with [V] for verified callers and with 85K [SPAM?] for robocalls for more than 3M Fios voice customers.
Verizon became the first service provider to supply scam call data to the Industry Traceback Group (ITG) and the first to automate its participation – in most cases responding to ITG in less than a minute. Most recently, Verizon was also the first service provider to submit foreign language scam examples to the ITG.
With the increase in remote work flexibility, meeting security has become an essential business priority. Built secure by design, BlueJeans by Verizon works to protect customer and end-user security and privacy, while delivering a great video collaboration experience across devices.
By protecting the privacy of customers and implementing standards-based security protocols throughout the BlueJeans platform, including SIP, SRTP, TLS, and H. 323, Verizon is being proactive about video conferencing security and privacy. Furthermore, the BlueJeans Trust Center highlights the company’s commitment to innovating responsibly and communicating transparently, so that organizations and end-users across industries can meet with confidence.
About the Verizon Mobile Security Index 2022
The Verizon Mobile Security Index 2022 findings are based on an independent survey of 632 professionals responsible for security strategy, policy, and management. They also do the buying, managing, and security of mobile and Internet of Things (IoT) devices for their companies.
The Mobile Security Index provides unique insights into the current mobile threat landscape and what organizations are, or in many cases aren’t, doing to protect their data and key systems. In addition to analysis from Verizon’s experts, the report includes insights and real-world data from leading security and management companies, including Absolute, Check Point, IBM, Ivanti, Jamf, Lookout, Netskope, Proofpoint, and Thales.
Read the full Verizon Mobile Security Index 2022, and learn more about what Verizon is doing to help address cybersecurity threats.