In its annual Mobile Security Index report, Verizon found that the number of cybersecurity incidents sharply increased year-over-year. And while 85 percent of companies said they need to take mobile security seriously, half of the companies polled acknowledged that saving money and “cutting corners” trumped investments to protect mobile data and boost security.
Researchers at Verizon said the total number of cyber compromises rose to 33 percent in 2018 from 27 percent in the prior year. And for retailers specifically, 31 percent of retail organizations “suffered a mobile device compromise last year.” And 54 percent of the incidents were considered major while 27 percent “had lasting repercussions,” Verizon noted in the report.
Authors of the report said that retailers “were most likely to be concerned about cybercriminals stealing payment card details.” Fifty-five percent of retail respondents were concerned over payment card data theft, which compares to 37 percent across all industries surveyed in the report.
In regard to the “actors and motives” behind cyber attacks and cyber compromises, companies were most concerned about employees. Verizon said in the report that at 38 percent, “employees topped the list of actors that respondents were most concerned about. Members of staff frequently expose their organizations to risk, both knowingly and unknowingly. Included in this number is the issue of negligence — employees making careless errors, losing their devices, using public Wi-Fi or circumventing security rules.”
Organized crime came next with 22 percent. “These groups are constantly adapting,” authors of the report said. “As one type of IT system becomes less vulnerable, they will move on to another. And they are constantly finding new ways to make money from their efforts. While ‘smash and grab’ attacks are still common, there are much more sophisticated attacks, too.”
Phishing is also a concern. But mobile users are not adept at preventing it. “Users are more vulnerable to phishing on a mobile device,” authors of the report said. “Many of the protective measures people typically take are not as easy: Who looks for the padlock, or hovers over the link to see the underlying URL? And mobile devices are much less likely to have endpoint protection installed.”