Published on November 9, 2023, 3:34 am
The prevalence and severity of mobile-related compromises are on the rise in 2022. Interestingly, small and medium-sized businesses perceive the risk to be even greater compared to larger organizations, with 73% versus 60% respectively.
On a positive note, the increase in cyber threat awareness has led to a rise in cybersecurity budgets for 77% of respondents according to the Verizon 2022 Mobile Security Index report.
The research also found that companies are now spending more evenly across the National Institute of Standards and Technology (NIST) Cybersecurity Framework. Looking ahead to 2023, 77% of respondents expect their budgets to increase in the coming year.
To gain further insights into the evolving mobile security landscape in Singapore and other ASEAN markets, FutureCISO spoke with Don Tan, senior director for APAC at Lookout.
When it comes to mobile security awareness in Singapore and ASEAN, there is undoubtedly a growing awareness. However, news reports still frequently cover incidents of phishing and scams. Surprisingly, based on observation, it is estimated that 9 out of 10 individuals do not have any security measures on their devices despite them containing sensitive information such as banking details, social security numbers, and fingerprints.
A common misconception among most people is that their phones are secure. In reality, critical vulnerabilities have been detected within iOS over the past two years. Even recently, Apple had to release an emergency fix.
Phishing or smishing (SMS phishing) is one of the most obvious mobile security threats as many people fail to verify truncated URLs. Phishing serves as the gateway for hackers to gain access to personal data stored on smartphones before executing their attacks after reconnaissance.
Securing mobile devices without impacting user experience requires overcoming the weakest link—end users. Lookout processes billions of URLs and thousands of new mobile applications each day using artificial intelligence and machine learning. When any device with Lookout detects a zero-day vulnerability, the data is shared automatically across Lookout’s 200 million users without any human intervention.
One emerging approach to security is the adoption of Security Service Edge (SSE). SSE represents the next generation of security, shifting away from traditional perimeter defense. By securing the data depository regardless of its location, SSE ensures protection wherever it goes. While SSE adoption in Asia is still in its early stages, increasing awareness and concerns around data leakage and regulatory requirements are pushing companies to evaluate SSE technologies.
When considering an SSE solution, it is crucial to find a provider that offers a single cloud-native platform. However, it is essential to be cautious as some companies try to fit products and solutions into their portfolios by assembling a jigsaw puzzle rather than providing a holistic SSE solution.
Fundamentals should be prioritized when selecting an SSE vendor. Look for a vendor with a single platform that has multiple modules addressing specific requirements while remaining scalable. The four fundamental components of any reliable SSE solution include endpoint coverage, cloud management capabilities, on-prem and public cloud application management, and measures against data leakage.
The complexity arising from multiple isolated solutions also highlights the need for skilled experts who can manage them efficiently. Integrating various components such as endpoint devices, cloud applications, data centers, and legacy systems adds further complexity.
In conclusion, mobile security remains an ongoing concern in Singapore and ASEAN countries. It is essential for businesses of all sizes to prioritize cybersecurity budgets and implement robust security measures to protect sensitive information on mobile devices. Adopting Security Service Edge (SSE) approaches can provide enhanced security while minimizing disruption to user experience. Organizations should carefully evaluate vendors and select those offering comprehensive platforms with scalable modules tailored to their specific needs.