Mobile devices 'significant risk' to cyber security - BAE Systems

Boards are starting to wake up to the risks

Smartphones, tablets and other mobile devices are seen as a significant security risk to organisations by over 70 per cent of top IT decision-makers.

That's according to research released by BAE Systems Applied Intelligence in a new report, Business and the Cyber Threat: The Rise of Digital Criminality, which warns cyber attacks are taking place on an ‘industrial scale'

However, it reveals IT leaders in the UK, North America and Australia are starting to put greater focus on defending against mobile security threats, with 71 per cent of the opinion that tablets and smartphones - be they corporate or personal devices - pose a significant risk to cyber security.

That risk is magnified if devices are filled with downloaded tools, with recent research by US application security intelligence provider Cenzic revealing that 96 per cent of apps have an average of 14 vulnerabilities each.

But while over 70 per cent of respondents told BAE Systems they view mobile devices as a security risk, only 56 per cent are confident their organisation understands the risks associated with mobile capabilities.

Nonetheless, when it comes to general cyber security awareness, 88 per cent said they're confident in their organisation, with boards aware of mobile and standard threats, something which Paul Henninger, global product director at BAE Systems Applied Intelligence finds encouraging.

"Although mobile attacks are becoming increasingly prevalent, it's encouraging to see a high level of awareness and concern of the mobile threat at Board level," he said.

"With a growing number of avenues for criminals to target in an increasingly hyper-connected world, it is more essential than ever that organisations think carefully about the actions they need to take to protect themselves and their customers as effectively as possible," Henninger added.

However, he also warned organisations against treating the threat from hackers and malware as solely an IT issue.

"Cyber threats are not the same as the everyday technology problems faced by businesses, so it's especially important that the threats posed by cyber criminals, and the tactical impact that attacks can have on the business as a whole, are addressed at board level and not treated as an IT problem alone," Henninger said.

Research by BAE Systems also found that 90 per cent of British businesses expect the number of cyber attacks against them to increase, with over two-thirds believing "organised fraudsters" to represent the biggest threat.

The majority of organisations are therefore looking to increase spending in order to fight against these growing threats as many see cyber crime as a top-three business risk.

"We're starting to see genuine interest from British businesses who realise that the threat of digital criminality is something that affects their whole business and is not just an IT issue," said Martin Sutherland, managing director, BAE Systems Applied Intelligence.

"As the number of avenues open to criminals in a hyper-connected world increases, it is more essential than ever that organisations think carefully about the actions they need to take to protect themselves and their customers as effectively as possible," he added.