Following the launch last week of IBM’s State of Mobile Application Insecurity report, which highlights that enterprises aren’t investing in mobile security, Mark Noctor, EMEA Sales Director at Arxan Technologies has the following comment in response to these findings.
The joint study by Poneman Institue and IBM Security is an eye-opening and concerning research note. Frankly, it is alarming to see that such minimal investment is being allocated towards mobile application security by the majority of top enterprises.
Given the strategic importance that the mobile computing platform, and specifically mobile applications, presents for these organisations, there is clearly a large misalignment in the allocation of resources needed for mobile security. This is highlighted by the findings that at least 50 percent of top enterprise companies included in the study were found to have zero budget towards mobile security and only 5.5% of the $34 million spent each year on developing mobile apps is used to secure them.
This lack of funding and resources can come at a high cost to mobile enterprises, as they are exposed to loss of confidential or sensitive data, fraud, financial losses and significant brand damage. Arxan has been acutely aware of the fact that a high number of organisations still don’t see mobile security as important as reported by our State of Mobile App Security indicating that 96% of the top 100 paid Android and 87% of the top 100 paid Apple iOS apps have been hacked in the past year. These figures have continued to grow over the past year. IBM’s State of Mobile Application Insecurity report echoes this by highlighting that 40% of enterprises aren’t taking the right precautions to secure their mobile apps.
I fully concur with Caleb’s comment that “Building security into mobile apps is not top of mind for companies, giving hackers the opportunity to easily reverse engineer apps, jailbreak mobile devices and tap into confidential data.” Organisations must wake up to the risks of not adequately securing their mobile apps. The lack of funding and resource allocation towards mobile security is significant as it trickles down to even ensuring that relevant skill sets are available to deploy mobile security best-practices such as mobile application self-protections. These risk exposures must be mitigated.
About Arxan Technologies
Arxan provides the world’s strongest application protection solutions. Our unique patented guarding technology 1) Defends applications against attacks, 2) Detects when an attack is being attempted, and 3) Responds to detected attacks with alerts and repairs. Arxan offers solutions for software running on mobile devices, desktops, servers, and embedded platforms – including those connected as part of the Internet of Things (IOT) – and is currently protecting applications running on more than 300 million devices across a range of industries, including: financial services, high tech/independent software vendors (ISVs), manufacturing, healthcare, digital media, gaming, and others. The company’s headquarters and engineering operations are based in the United States with global offices in EMEA and APAC.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.