The COVID-19 pandemic forced many businesses to quickly support remote working practices, often without proper security measures in place. A report from Verizon has revealed that many businesses may have left themselves vulnerable and open to cybercriminals in the rush to ensure that employees could work remotely.
The report found that 49% of businesses surveyed said that changes made to their remote working practices during lockdown adversely affected their company’s cybersecurity. While 40% of businesses surveyed recognised that mobile devices are their company’s biggest IT security threat, 45% knowingly sacrificed mobile device security to meet a deadline or productivity targets. A further 24% sacrificed mobile device security to facilitate their response to restrictions put in place during the pandemic.
Small and medium-sized businesses are more of a target than larger enterprises, according to 52% of respondents. Even in this case, 59% of small and medium-sized businesses reported sacrificing security while 22% suffered a mobile compromise. Additionally, 78% stated that they should take mobile device security more seriously.
Of those surveyed, 72% of organisations were worried about device abuse or misuse. Part of the problem was that many companies struggled to develop an effective acceptable use policy (AUP), with 57% of companies failing to develop an AUP.
Sampath Sowmyanarayan from Verizon Business noted that while businesses focused their efforts elsewhere, cybercriminals saw opportunities to strike. The rise of the remote workforce and the spike in mobile device usage changed the threat landscape, which increased the need for organisations to hone in on mobile security to protect themselves and those they serve.
The Verizon Mobile Security Index 2021 findings are based on an independent survey of 856 businesses across Australia, the US and the UK. The report details people and behaviours, apps, devices and things, and networks and clouds as the four sectors of the mobile threat landscape. Additionally, it provides insights into how to help safeguard against pending cybercrime attacks. It also provides insights into the current mobile threat landscape and what organisations are, or aren’t, doing to protect their data and key systems.