Skip to main content
close search
site logo
Dive Brief

CISOs, CIOs see heightened mobile security threat amid shift to hybrid

Published June 16, 2021
David Jones's headshot
Reporter
Sean Gallup via Getty Images

Dive Brief:

  • In a global shift to remote work, more than three-quarters of IT decision-makers said their organizations were more vulnerable to cyberattacks against mobile devices compared with a year ago, according to a survey by Sapio Research commissioned by Menlo Security released Wednesday. The survey of more than 600 executives, including chief information officers and chief information security officers, included organizations based in the U.S., U.K. and Australia. 

  • Phishing has been the most common form of attack over the past 12 months, according to 71% of survey respondents. The survey showed 73% of IT decision-makers believe end-users are more susceptible to mobile attacks than they were five years ago.

  • More than half of participants said it's impossible for organizations to be ready for all the tactics used by malicious attackers targeting mobile devices. For 38% of respondents, it's impossible to keep up with the pace of cyberattacks targeting mobile.

Dive Insight:

The Menlo Security Mobile Risk 2021 report comes at a critical time both in the U.S. and abroad, as companies and other organizations are beginning to return to the office following the COVID-19 pandemic. 

Millions of workers in the U.S., U.K. and Australia have been working remotely since early 2020, with companies allowing employees and contractors to connect to the office using a variety of devices, including laptops, tablets and mobile phones. 

"Increasingly, workers are accessing their corporate applications and data from unmanaged devices," Mark Guntrip, senior director of cybersecurity strategy at Menlo Security, said via email. "This was clearly exacerbated by the enforced remote work policy in 2020 and the subsequent shortage of computing equipment available."

IT managers and CISOs have struggled to secure the perimeter at many organizations, due to a lack of endpoint visibility. Employees are also conducting work on a variety of operating systems using often insecure home Wi-Fi connections. 

Guntrip says mobile devices are less secure because of a combination of untrusted personal applications and data that are stored on the same device, as well as employees ignoring company security policies. 

Remote work has opened a number of attack vectors over the past year. VPN devices have become a major target of malicious attacks and APT actors have taken advantage of vulnerabilities in Pulse Secure, Fortinet and other VPNs in recent months, targeting government agencies, contractors and private companies. An old VPN profile was targeted in the May ransomware attack on Colonial Pipeline

Sapio Research conducted the survey, based on online interviews with 617 IT decision-makers, at companies with at least 1,000 employees. The survey respondents were invited by email and completed online surveys during April and May.

Filed Under: Vulnerability

Editors' picks

Company Announcements

View all | Post a press release
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
Editors' picks
Latest in Vulnerability
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell