Most of the organisations are suffered data breaches due to mobile devices

Cybersecurity was all over the headlines again in 2018. There were many large and damaging compromises affecting retailers, airlines and credit rating companies, to name just a few. Many organizations weren't prepared and had sensitive data stolen or suffered downtime of key systems. A New Verizon report shows a big gap between organizations' mobile security risk concerns and mobile security best practices they implement.

There are number of security incidents involving mobile devices has increased over the past year, but companies are not protecting their mobile assets as well as they do other systems. One in three organizations admitted to suffering a compromise due to a mobile device, The survey states, 671 professionals in charge of mobile device procurement and management in their organizations. This represents a 5 percent increase compared to the results of a similar survey last year.

Mobile devices are prone to many of the same attacks as other devices," Verizon said in its Mobile Security Index 2019 report. "Most phishing attacks and badly coded sites can affect them; mobile users might even be more vulnerable. And there are also mobile-specific exploits-like malicious apps and rogue wireless hotspots."

Companies not meeting bare minimum mobile security standards "And yet again this year, we found that many companies are failing to protect their mobile devices," the company said. "And we’re not talking about some almost-impossible-to-achieve gold standard. We're talking about companies failing to meet even a basic level of preparedness."

There are vulnerability of a mobile device-such as a smartphone, tablet, laptop or connected device. Yet, we found that the number of companies admitting that they'd suffered a compromise in which a mobile device played a role went up-from 27% in the 2018 report to 33% this time around.

This is not due to a lack of awareness, as over 80 percent of respondents said their companies were at risk from mobile threats and 69 said those risks have increased over the past year. At the same time over two-thirds of respondents said they are less confident in the security of their organization's mobile devices compared to other systems.

Almost half of respondents admitted that their organizations sacrificed mobile security to get the job done faster and nearly half of those that cut corners experienced a mobile-related security compromise. Meanwhile, less than 25 percent of those that didn't sacrifice security for speed and profit had a mobile-related compromise.

Around 60 percent of incidents were described as major and 40 percent as major with lasting repercussions. Over half resulted in the loss of data and 58 percent also led to the compromise of other devices.

Now the attackers are adapting to the mobile-first world and expanding their arsenals. 51% of sophisticated actors identified in the last 12 months were found to be targeting mobile devices as well as desktops.. Mobile devices now have access to much of the same valuable corporate data-customer lists, bank details, employee personal data, billing information and much more-as those using fixed connections.

Mobile security perception doesn't match reality and Verizon found that there is a perception gap because over 80 percent of organizations believe their precautions are either effective of very effective but less than 12 percent had actually implemented all four basic protections: encrypting data on public networks, changing default passwords, regularly testing security systems and restricting access to data on a "need to know" basis.

The survey broadly founds, many companies suffering a mobile-related compromise rated them as very serious. More than two fifths (41%) of those affected described the compromise as “major with lasting repercussions,” and even more (43%) said that their efforts to remediate the attacks were “difficult and expensive.” Governments are starting to intervene to get organizations to take cybersecurity across all endpoints more seriously.

Lastly, the research shows that this is starting to focus attention-the threat of multi-million, even multi-billion, dollar penalties tend to have that effect. But cybersecurity, and mobile device security in particular, cannot wait for regulation.