Ivanti, the provider of the Ivanti Neurons automation platform that discovers, manages, secures, and services IT assets from cloud to edge, announced that it is a contributor to the Verizon Mobile Security Index (MSI) 2022. The survey based on a survey of 632 people responsible for security strategy, policy, and management, revealed an unprecedented increase in mobile attacks and losses in 2021: close to half (45%) of companies suffered a compromise that involved a mobile device and led to the loss of data or downtime in the past 12 months, representing a 14% compound annual growth rate (CAGR).
Srinivas Mukkamala, Senior Vice President & General Manager of Security Products at Ivanti, said, “It was an honor to collaborate with Verizon on its fifth annual Mobile Security Index and provide insights on the ever-changing mobile threat landscape. The findings of this report are business critical, as security leaders around the globe are reckoning with the permanent transition to remote and hybrid work and facing an unprecedented uptick in sophisticated cyberattacks. This report can help security professionals better understand the various threats to their mobile environments and bolster their defenses accordingly.”
Below are some top findings from the Verizon Mobile Security Index 2022:
- The changing work landscape presents many cybersecurity challenges. Companies are struggling to manage a mix of remote, home, hybrid, and office-based employees. Almost four-fifths (79%) of respondents agreed that recent changes to working practices had adversely affected their organization’s cybersecurity. Almost two in three CISOs across all regions agreed that remote working had made their organization more vulnerable to cyberattacks.
- Companies are increasingly reliant on mobile devices, largely due to the shift toward more remote and hybrid working. 58% of respondents said they have more users using mobile devices for work purposes than 12 months ago and 59% said that mobile users are doing more with their mobile devices than 12 months ago. Further, 53% said that mobile devices have access to more sensitive data than a year ago. This means that the compromise of a mobile device can now pose a significant risk to customer data, intellectual property, and core systems.
- The prevalence and severity of mobile-related compromises has grown. From coordinated state-sponsored campaigns to unfocused, opportunistic criminal exploits, the volume of attacks is going up. 45% of respondents said that their organization had been subject to a security incident involving a mobile device that led to data loss, downtime, or another negative outcome. And of those respondents, 73% described the attack as major, and over two-fifths (42%) said that the attack had lasting repercussions.
- Cybersecurity spending is rising in response. These factors help explain why 77% of respondents said that their cybersecurity budget had increased in the previous 12 months—and close to a third (29%) of those said it had increased significantly. And respondents expect their budgets to grow again. Over three-quarters said that they expected their budget to grow in the following 12 months; 25% said they expected it to increase significantly. Just 1% expected their budget to decrease.
“The global shift to remote work has exacerbated the onslaught, sophistication, and impact of mobile attacks,” said Mukkamala. “Hackers are increasingly targeting mobile devices because they are everywhere and have access to practically everything. Plus, most users have subpar mobile security measures in place. Security leaders need to ensure that company data is protected, wherever it travels. A multi-layered approach to security provides the best protection against today’s mobile threats.”
In April 2022, Verizon commissioned an independent market research company to survey over 600 people responsible for security strategy, policy, and management. Verizon also surveyed security practitioners and interviewed nine C-level experts in the field. Additionally, Verizon worked with several leaders in mobile device security: Absolute, Check Point, IBM, Ivanti, Jamf, Lookout, Netskope, Proofpoint, and Thales. These contributors provided additional information, including incident and usage data.