How Businesses Can Protect Themselves from Mobile Cyber Threats
*Updated 27 February 2025*
Cyber threats continue to develop, with mobile computing emerging as a key vulnerability exploited by attackers. Research highlights a concerning trend: Many organisations have yet to implement comprehensive security controls and policies to counteract these risks.
Despite the widespread adoption of mobile computing and Bring Your Own Device (BYOD) programs, organisations are often reluctant to acknowledge security breaches originating from employee-owned devices. This hesitancy contributes to an environment where mobile threats are underestimated—sometimes dismissed as scaremongering in the absence of a major security incident.
However, the reality is clear: Cyber-attacks targeting mobile endpoints are increasing. Charlie McMurdie, Senior Cyber Crime Advisor at PricewaterhouseCoopers (PwC) and former head of the UK Police Central E-Crime Unit, warns that organisations frequently struggle to pinpoint the exact entry point of an attack, with mobile devices—laptops, tablets, and smartphones—being common, yet underreported, culprits.
Given the undeniable productivity and customer service benefits of mobile access to corporate data, mobile computing is not just a trend but an operational necessity. The challenge, then, is securing it effectively.
Escalating Mobile Security Threats
Recent data underscores the urgency of addressing mobile security:
- Rising Mobile Compromises - The Verizon 2024 Mobile Security Index reports that over half (53%) of companies experienced a mobile-related security breach, a significant increase from less than 30% in 2018.
- Prevalence of Vulnerable Apps - A study by Build38 reveals that more than 75% of mobile applications contain at least one vulnerability, with unpatched flaws contributing to 60% of data breaches.
BYOD Policies: Convenience vs. Security
The flexibility of BYOD policies offers numerous benefits but also presents unique security challenges:
- Widespread Adoption - Ivanti's research indicates that 84% of organisations globally practice BYOD, yet only 52% have official policies in place. Alarmingly, in organisations where BYOD is not permitted, 78% of IT professionals report that employees use personal devices without authorisation.
- Employee Concerns - Nearly half (48%) of employees believe that BYOD adoption would increase if IT departments did not have access to their personal data, highlighting privacy concerns.
Mitigating Mobile Security Risks
To navigate the complexities of mobile security and BYOD, organisations should consider the following strategies:
- Implement Robust Mobile Device Management (MDM) - Utilise MDM solutions to enforce security policies, manage device configurations, and remotely wipe data from lost or compromised devices.
- Conduct Regular Security Training - Educate employees about the risks associated with mobile device usage and best practices to prevent breaches, such as recognising phishing attempts and securing personal devices.
- Enforce Multi-Factor Authentication (MFA) - Require MFA for accessing corporate resources to add an extra layer of security beyond traditional passwords.
- Develop a Comprehensive BYOD Policy - Clearly outline acceptable use, security requirements, and the responsibilities of both the organisation and employees to protect sensitive data.
By proactively addressing these areas, businesses can harness the benefits of mobile computing while safeguarding their networks against cyber threats.
The Path Forward
Mobile computing and BYOD initiatives offer undeniable advantages, but security must be an integral part of the strategy—not an afterthought. Organisations that delay comprehensive action are increasingly vulnerable to cyber-attacks.
By learning from industry leaders, adopting best practices, and embracing an adaptive security approach, businesses can safeguard their mobile environments. The threat is real, and securing mobile computing is no longer optional—it is an operational imperative.
