Tuesday, August 21, 2012

CIOs Must Address The Growing Mobile Device Security Threat

A steady stream of computer hacks in recent months has elevated cyber security on the national agenda. Online breaches at tech-savvy companies reveal a sobering truth: No one is immune to the threat posed by cyber criminals.

Political leaders around the world, including President Obama, have begun calling for a greater focus on this issue.

Perhaps the most critical battleground in this broad effort is the mobile security challenge. From a cyber-criminal?s perspective, mobile phones and mobile applications represent a weak link to be exploited for profit. Consider that six out of every 10 cyber-security breaches occur as a result of a mobile device, according to the Ponemon Institute. In 2011, malware targeting smartphones increased 155 percent, and in a span of just seven months the volume of malware targeting Android phones increased 3,325%.

We?ve reached an inflection point where the lightning-fast adoption of powerful, smart devices is outpacing our ability to secure our mobile lives. In a world of 7 billion people, there are now 5.9 billion mobile-phone subscribers. Here in the U.S., we have more mobile-phone subscriptions than people. The mobile Internet that we?ve come to rely on ? for everything from financial transactions to business operations to emergency-response procedures ? is increasingly vulnerable.

Why are cyber criminals targeting mobile devices? The answer is simple: mobile malware has become highly profitable. And those profits are attracting talented programmers to the dark side of cyber-crime networks.

The result is a new generation of mobile malware that is increasingly sophisticated. With billions now routinely using their smartphones to store sensitive information such as banking and credit-card data, cyber-criminals are targeting these devices with ?Trojan horse? mobile applications, which look and feel like legitimate apps. Once downloaded, however, these apps automatically transmit confidential data from the unsuspecting user?s device to a cyber-criminal?s server. Some criminals are now taking this concept a step further, building entire fake storefronts of mobile apps. And it is no longer just the individual?s data that?s at stake: very often the target is high-value information owned by governments and businesses.

From an economic standpoint, the risks we face in today?s mobile environment are enormous. A typical security breach costs a business more than a half a million dollars to address in terms of cash outlays, business disruption, and revenue losses, according to the Ponemon Institute.

So how do we address this challenge?

First and foremost, an effective, long-term response to the mobile-security challenge demands a focused, industry-wide cooperative effort involving business decision-makers, government leaders, law enforcement, security labs and R&D organizations, device makers, networking companies and telecommunications service providers. In particular, we need an active and ongoing partnership between the public and private sectors in order to drive greater transparency and a faster, more coordinated response to mobile-security threats.

When a cyber attack occurs, there is a natural human tendency to go into lock down mode and keep information about the breach confidential for as long as possible. By contrast, cyber criminals have an incentive to openly share time-sensitive data about who is vulnerable ? because there is money to be made in selling this information. This real-time transparency translates into a distinct advantage for ?black hat? hackers as they face off against their ethical ?white hat? counterparts who are dedicated to improving online security. A key challenge for security professionals on the right side of the law is to foster a faster and more open exchange of valuable information as they strive to stay a step ahead of technically advanced, well-financed cyber criminals.

From a technology standpoint, our collective challenge is to innovate and invest in three critical areas:

  • Secure the device itself,
  • Secure the network, and
  • Secure the growing number of massive-scale data centers, which are the ?engine rooms? of today?s mobile Internet.

When it comes to securing our personal devices, we must acknowledge that we all have a role to play in the solution. As individuals, there are simple steps each of us can take to better protect ourselves, such as researching the publisher of an app before you purchase, using anti-malware software on your mobile devices, and ensuring you set robust passwords on every device you own.

In many respects, mobile technology is still in its infancy. Certainly our reliance on mobile connections and capabilities has increased rapidly over the last 10 years; yet it?s equally clear that the mobile revolution holds even greater promise in the decade to come. But that promise, like all promises, is predicated on trust. We must act now to protect and preserve our trust in mobility.

Source: http://www.firewalljunction.com/Blog/post/2012/08/20/CIOs-Must-Address-The-Growing-Mobile-Device-Security-Threat.aspx

steve jobs fbi safehouse brown recluse brown recluse front door alyssa bustamante protandim

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.