Mobile device security is the top source of pain for enterprise security managers interviewed for the most recent information security study. Encompassing the general shift from BlackBerry devices to a panoply of different devices owned by either the enterprise or its employees, this pain point includes general IT consumerization, employee expectations, mobile device management, and the management challenges created by implementing such technologies.
Some pain points were consistent between last year and this, including hackers, the ineffectiveness of security awareness training, and regulatory/compliance requirements. Data security in general dropped as a concern from 15% to 7%, but with the major caveat that data-loss prevention emerged as a source of pain among 8% of respondents. Other concerns, such as third-party security and vulnerability management, experienced major upticks among interviewees.
Security respondents had the following to say about what causes them pain:
- “Malware, it’s more targeted, more spear-phishing, going after people they know are not technical, like executives, like an email with ‘you need to reset your password, click here.’ And then that’s bad and they’ve given their password to someone from the Ukraine.” – LE, Consumer Goods/Retail
- “Increasing frequency of regulatory inspection. Every country (140) we sell in has some kind of regulatory oversight, and they reserve the right to inspect any of our operations worldwide.” – LE, Education
- “Mobile apps – the new way to steal information.” – LE, Financial Services
- “XP remediation; 47,000 PCs with many running XP. Microsoft dropped support – 891 under my control.” – LE, Industrial/Manufacturing
- “Our Web applications. Just the different vulnerabilities that are popping up left and right. You can only do so much, and you turn around and there’s a few that squeak by.” – MSE, Financial Services