Mobile and IoT application security not a priority, study finds

Adups Mobile Firmware Maker Denies Sending Text Messages Back to China

Despite widespread concern about the security of mobile and IoT applications, companies apparently remain oblivious to the risks, as most still haven’t implemented a proper security strategy, says a recent report from the Ponemon Institute based on 593 interviews with IT and application security professionals.

In spite of poor mobilization throughout organizations, 58 percent of respondents said they were worried IoT applications could be an entry point for hackers, while 53 percent cited concern about insecure mobile apps that could also expedite hacking attempts.

Some 79 percent were convinced mobile applications increase security risks and 75 percent said IoT applications were just as insecure.

These numbers show professionals are concerned about security, but 44 percent said they hadn’t made any efforts in this direction, while 11 percent did not know of any security strategy plans in the near future.

Only 11 percent of respondents knew for a fact that their organization had dealt with security problems caused by insecure mobile applications, while even fewer knew about IoT-related incidents.

“Factors revealed in this study may help to explain the lack of urgency,” said Dr. Larry Ponemon, Chair and Founder of Ponemon Institute. “Respondents voiced minimal budget allocation, and those responsible for stopping attacks are not in the security function, but rather other lines of business. Without proper budget or oversight, these threats aren’t being taken seriously and it should come as no surprise for mobile and IoT applications to be the culprit of major data breaches to come.”

Manufacturers are concerned with bringing high-tech, sophisticated apps to market as soon as possible to meet consumer demand, but they forget to develop strong security protection. This makes it easy for hackers to breach them and leak confidential or sensitive data about the company, trade secrets and employee information.

Leave a Reply