Published on November 16, 2023, 8:56 pm

The prevalence and severity of mobile-related compromises are on the rise in 2022. Surprisingly, small and medium-sized businesses perceive the risk to be even higher compared to larger organizations (73% vs. 60%, respectively).

On a positive note, the increase in cyber threat awareness has led to a rise in cybersecurity budgets among 77% of respondents, according to the Verizon 2022 Mobile Security Index report.

The research also revealed that companies are now allocating their cybersecurity budgets more evenly across the National Institute of Standards and Technology (NIST) Cybersecurity Framework.

Looking ahead to 2023, 77% of respondents expect their budgets to increase in the coming year.

The FutureCISO team recently spoke with Don Tan, senior director for APAC at Lookout, about the evolving mobile security landscape in Singapore and other ASEAN markets.

Mobile security awareness is growing, but there is still news reporting about phishing and scams. According to Tan’s observations, nine out of ten people do not have any security measures on their devices. This is alarming considering that our phones contain sensitive information such as banking details, social security numbers, and fingerprints.

It seems that most people have a misconception that their phones are safe. Over the past two years, critical vulnerabilities were detected within iOS. Apple even had to release an emergency fix recently.

Phishing or smishing (SMS phishing) is one of the most common mobile security threats. Many people fail to verify truncated URLs before clicking on them, providing hackers with an entry point into their phones. Once inside, hackers conduct reconnaissance, penetrate further into the device’s systems, and execute attacks.

Securing mobile devices without impacting user experience is crucial. Lookout processes four and a half billion URLs and 100,000 new mobile applications every day. When a device installed with Lookout detects a zero-day vulnerability, this information is automatically shared across its network of 200 million users through artificial intelligence and machine learning, without requiring human intervention.

The adoption of Security Service Edge (SSE) is the next generation’s approach to traditional perimeter defense. SSE secures data no matter where it is located, which ensures that both the data and the user remain protected.

However, in Asia, SSE adoption is still in its early stages. Many companies are in the evaluation phase due to growing concerns about data leakage and regulatory requirements.

When searching for an SSE solution, it’s essential to find a provider that offers a single platform native to the cloud. However, it’s crucial to be cautious as some companies may try to fit products into their portfolio just for the sake of offering an SSE solution. It’s like a jigsaw puzzle where vendors attempt to force products together.

Fundamentals should be considered when choosing an SSE vendor. Look for a provider with a single platform that offers multiple modules capable of addressing specific requirements. Additionally, scalability should be a key aspect of the vendor’s offering.

The best-of-breed principle does not necessarily apply to SSE solutions because there are many moving parts involved. While SSE is important, organizations must also consider cloud service providers, SaaS solutions, endpoints, data center connections, and legacy system integration.

With SSE solutions, having a single platform that integrates all these technologies becomes vital. This provides centralized policy creation, reporting, logging, forensics, access control, configuration management, and deployment.

One challenge brought by multiple complex solutions is the need for experts who can manage each system independently. Having separate individuals responsible for different aspects like endpoint devices, cloud applications, data centers, etc., adds complexity to the overall security framework.

For more details on Tan’s responses and insights on mobile security in Asia, you can listen to the full PodChats episode featuring Don Tan from Lookout.


Comments are closed.