• The pandemic prompted a rapid shift to remote work and IT security professionals found themselves under pressure to prioritize other operational elements over mobile security
• While the number of reported compromises actually fell over the course of the last 12 months, there is real concern that incidents are going undetected
During the pandemic, organizations have radically altered their operating models, many pivoting overnight to largely remote work. This left IT professionals scrambling to get new collaboration and productivity tools working, often on employee-owned personal devices. Many of these are in fact mobile devices, giving the latest Verizon Mobile Security Index a definite COVID context. The survey of 856 professionals who purchase, manage, and or secure mobile devices showed a subset of IT staffers under acute pressure to balance the need to support more flexible operations against protecting against new vulnerabilities associated with the work from home (WFH) movement.
Most respondents – 79% – said the number of remote workers increased during the lockdown. While most (70%) expect that number to decrease, more than three-quarters expect more people to be working from home in the future than in the pre-pandemic days. Sixty percent said mobile devices present their organizations with the biggest risk of exposure. Eighty-five percent called mobile devices at least as susceptible to a breach as other IT systems.
The Verizon Mobile Security Index revealed aspects of this mobile security effort that were both expected and surprising. The number of reported compromises in the last 12 months actually dropped to 23%, down from 39% in the previous 12 months. However, there is some concern that breaches are being missed as IT reprioritizes efforts around operational challenges with the move to remote work. Seventy-six percent said they have sacrificed mobile security controls to support the rapid swing to a WFH model.
This comes at a time when cyberattacks are exploiting new vulnerabilities exposed during the pandemic to launch attacks. 2020 Check Point research showed that COVID-19 related phishing and other malware attacks shot up from less than 5,000 a week in February of that year to more than 200,000 by the end of April. And this trend continued with a 34% jump in all types of cyberattacks by the end of June over the number in April.
The major takeaway is that even as lockdowns ease and enterprises begin to move back to more traditional operating models, the nature of work has been changed to incorporate even more personal devices into corporate functions. IT organizations need to make mobile security even more of a priority going forward or run the risk of significant impacts on operations and the potential loss of assets and reputational damage.