Businesses not prepared for the risk from mobile and IoT apps
Despite widespread concern about the security of mobile and IoT applications, organizations are ill-prepared for the risks they pose, according to new research.
The study from threat prevention company Arxan Technologies, IBM Security and the Ponemon Institute reveals that 60 percent of respondents believe it’s either certain or likely their organization has experienced a material data breach or cyber attack over the past 12 months that was caused by an insecure mobile app.
In addition 46 percent believe the same is true as the result of an insecure IoT app. Despite this though only 32 percent say their organization urgently wants to secure mobile apps and 42 percent say it is urgent to secure IoT apps.
Respondents say that IoT apps are harder to secure (84 percent) compared to mobile apps (69 percent). In addition 55 percent of respondents say there is a lack of quality assurance and testing procedures for IoT apps.
On average only 29 percent of mobile apps and 20 percent of IoT apps are tested for vulnerabilities. Just five percent of respondents say the CSO is primarily responsible for IoT app security, and only 30 percent believe that their organization has allocated sufficient budget to securing mobile apps and IoT devices.
"The numbers don't add up. While 60 percent of respondents confirm that their organization has already experienced a data breach caused by an insecure mobile app, and more than half are very concerned about likelihood of an attack, 44 percent are taking no steps to protect their apps," says Mandeep Khera, chief marketing officer of Arxan. "The laissez-faire attitude toward the security of mobile and IoT applications needs to come to an end and organizations must start emphasizing security in the development process in order to prevent a detrimental attack. One breach can set a company back dramatically in brand damage, financial loss and recovery costs. You have to think of the old idiom -- penny wise, pound foolish."
You can find out more about the findings in the full report which is available from the Arxan website.