Security breaches can cause, among other things, damage to brand reputation, customer loyalty, and customer engagement.
Mobile security breaches have affected 68% of organizations in the past 12 months, according to a new global study from BT Security. Despite this, organizations are still not taking sufficient security measures to protect themselves against mobile threats, such as lost or stolen devices and malware infections. What’s more, the report shows about half of respondents’ organizations that incurred mobile security breaches experienced more than four incidents in the past year.
“If CEOs are passionate about making security practices work, then these will inevitably become an intrinsic part of people’s lives,” Mark Hughes, president of BT Security, said in the report. “Problems usually arise when people don’t understand the risks and the impact that neglecting security could cause for the business, as well as for them personally. A security breach could cause a share price drop and reputational brand damage. This means that security is everyone’s job.”
The report search explores the attitudes of IT decision makers towards security within their organizations. It shows that uptake of BYOD (Bring Your Own Device) and COPE (Corporately Owned Personally-Enabled) devices is very high, with 93% of organizations allowing employees to use these devices for work purposes.
But only four in 10 organizations surveyed actively have a BYOD policy. In this environment, the report says, device security is falling by the wayside: Only a quarter of respondents felt that their companies had sufficient resources in place to prevent a mobile security breach. Surprisingly, three in 10 (29%) do not have password protection, and less than half (45%) report that their organizations have IT security training for everyone.
The report highlights that while 33% of personal or corporate owned mobile devices have full access to the internal networks or contain sensitive client information, a third of organizations do not have any kind of enforceable mobile security policy.
Security breaches, such as lost or stolen devices, malware infections such as viruses, spyware, and Trojan Horses, or the loss or theft of company or customer data, have had a major impact on business processes, including taking up valuable help desk time and other IT resources, the report says. They have reduced employee productivity, day to day activity and even customer experience, as well as causing reputational damage. Some have even resulted in hefty fines.
“Today’s threat landscape shifts very quickly so it is important for organizations to start with security in mind, rather than add it as an afterthought,” Hughes added. This will ensure that security processes develop with them, and not after them. This makes the task of being security-led much more straightforward.”
Staff attitudes remain the biggest threat to data security. The report reveals that 74% are not taking the security of devices seriously. Nearly 70% of IT decision-makers don’t believe their CEOs take security very seriously.
This research was conducted by Vanson Bourne in September and October on behalf of BT. A total of 640 interviews with IT decision makers from large organizations (1000+ employees) was carried out across 11 regions: Australia, Brazil, France, Germany, Hong Kong, Middle East, Singapore, Spain, South Africa, the U.K., and the U.S.