Many Industries, Including Financial Services, Ignoring Mobile Risks

Verizon’s Mobile Security Index found many organizations – including those in the financial services such as banks – overlook rudimentary mobile cybersecurity protections, leaving themselves and customers vulnerable to attacks.

According to the research, “Many companies haven’t taken even the most basic precautions to protect their data and core systems. This is alarming since the danger of cyberattacks continues to grow.”

The fact of the matter is organizations said mobile security risks are increasing. Company concerns center on the threats mobile devices pose to both their data and uninterrupted business operations. While the number of reported incidents is still relatively low, the vast majority think that the threat is serious: 85% said their businesses face at least a moderate risk from mobile security threats; 74% said risks associated with mobile devices increased in the past year, and 73% said that they expect risks to increase during the next year. Only 2% said that they expect them to decrease.

The kicker: nearly a third of companies even knowingly sacrifice mobile security to improve speed to market and business performance.

The report also found companies sacrificing mobile security for expediency and business performance. And those that said they knew their organization did this were more than twice as likely to have experienced data loss or downtime (45% compared to 19%).

The report detailed how financial services organizations’ access to sensitive customer data entices cybercriminal activity. In addition, the fintech revolution has led many financial institutions to adopt new mobile and Internet of Things technologies, which may give cybercriminals additional points of entry to customer data.

“Banking employees have access to customer data in their normal workday that would be a cybercriminal’s dream; and it’s not just data that’s easy to monetize,” the report revealed. “Espionage is a very real risk when employees have access to sensitive data.”

Even with the ongoing threats, 51% didn’t have a public Wi-Fi policy. The researchers noted, “With more and more people wanting to be online all the time, it’s easy to understand the appeal of free public Wi-Fi.  Seventy-one percent of the respondents said that they use it for work tasks — many even when they know that it’s officially prohibited. “As we’ve reported, lack of user awareness is a leading barrier to better mobile security. Do your users understand the dangers of using public Wi-Fi?”

Other findings:

  • One-quarter of financial services companies experienced a mobile-related incident in 2017, 18% of which had lasting repercussions.
  • Ninety-three percent of financial services companies agree that the IoT is the greatest security threat facing their organizations.
  • More than 60% of companies across industries feel a lack of understanding of threats and solutions are a barrier to mobile security.
  • Despite knowing the risks involved, many failed to take basic precautions. Only 39% said they change all default passwords.

Particularly concerning is that 39% of financial services companies fail to regularly check security systems and processes. Driven by new entrants, the fintech revolution is now forcing even incumbent players to innovate and adopt new technologies, mainly using IoT technologies, more quickly.

Across all industries, a majority of respondents said that disruption of systems is a greater threat than the loss of data— from 73% in manufacturing to 85% in financial services.

In the second half of 2017, Verizon commissioned an independent research company to survey over 600 professionals involved in procuring and managing mobile devices for their organizations covering a wide range of industries: financial services, government, healthcare, manufacturing, professional services, retail and hospitality, and technology.