Verizon’s Mobile Security Index, found many organizations – including those in the financial services such as credit unions and banks – overlook basic mobile cybersecurity principles, leaving themselves and customers vulnerable to attacks.
Organizations said mobile security risks are increasing. Company concerns center on the threats mobile devices pose to both their data and uninterrupted business operations. While the number of reported incidents is still relatively low, the vast majority think that the threat is serious: 85% said their businesses face at least a moderate risk from mobile security threats; 74% said risks associated with mobile devices increased in the past year; and 73% said that they expect risks to increase during the next year. Only 2% said that they expect them to decrease.
The kicker: nearly a third of companies even knowingly sacrifice mobile security to improve speed to market and business performance.
The report also found companies sacrificing mobile security for expediency and business performance. And those that said they knew their organization did this were more than twice as likely to have experienced data loss or downtime (45% compared to 19%).
The report detailed how financial services organizations’ access to sensitive customer data entices cybercriminal activity. In addition, the fintech revolution has led many financial institutions to adopt new mobile and Internet of Things technologies, which may give cybercriminals additional points of entry to customer data.
“Banking employees have access to customer data in their normal work day that would be a cybercriminal’s dream; and it’s not just data that’s easy to monetize,” the report revealed. “Espionage is a very real risk when employees have access to sensitive data.”
Other findings:
- One quarter of financial services companies experienced a mobile-related incident in 2017, 18% of which had lasting repercussions.
- Ninety-three percent of financial services companies agree that the IoT is the greatest security threat facing their organizations.
- Almost 40% of financial institutions fail to regularly check security systems and processes.
- More than 60% of companies across industries feel a lack of understanding of threats and solutions are a barrier to mobile security.
Despite knowing the risks involved, many failed to take basic precautions. Only 39% said they change all default passwords and 51% didn’t have a public Wi-Fi policy.
Particularly concerning is that 39% of financial services companies fail to regularly check security systems and processes. Driven by new entrants, the fintech revolution is now forcing even incumbent players innovate and adopt new technologies, mainly using IoT technologies, more quickly.
Across all industries, a majority of respondents said that disruption of systems is a greater threat than the loss of data— from 73% in manufacturing to 85% in financial services.
