Security

10:35 AM
Mike Raggo
Mike Raggo
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

4 Mobile Security Predictions for 2015

As we look ahead, mobility is the perfect breeding ground for attacks in 2015.

From JP Morgan to Home Depot to Sony, 2014 saw digital attacks that were unprecedented in both impact and sophistication. As we look ahead, mobility is the perfect breeding ground for attacks in 2015. We rely on mobile devices and apps more than ever. They are always connected and increasingly hold our most sensitive financial and personal information.

Here are four mobile security trends to watch in 2015:

Attackers will look to apps. With the emergence of Wirelurker and the Masque Attacks on iOS, app threats are no longer exclusive to Android. With organizations on high alert, we will see businesses embrace App Reputation Services and Mobile Threat Prevention solutions to go beyond identifying OS compromise to spot malicious and risky apps. These solutions will continue to leverage enterprise mobility management (EMM) solutions to take action to mitigate malicious apps and devices, through quarantine and selective wipe. 

Open WiFi will remain low-hanging fruit. As long as free WiFi exists, users will continue to use it, unaware of the risks. Enterprises that support mobile devices will adopt certificate-based authentication to provide mutual authentication and proactively deter interception and man-in-the-middle attacks. 

Retailers will embrace Mobile POS. From a security perspective, 2014 was a tough year for some very prominent retailers. Attackers exploited vulnerabilities in legacy point-of-sale (POS) technology to the chagrin of retailers and consumers alike. With the deadline quickly approaching for merchants to meet PCI DSS 3.0 requirements by January 1, 2015, retailers now have another reason to fortify their deployments. As retailers replace legacy POS terminals to support EMV, more and more will devote budget to mobile POS to improve the customer experience, offer line-busting, improve security, and save money. In addition, the PCI Council has stated “EMV is not a silver bullet” for preventing a breach. The PCI Council also recommends P2PE (Point-to-Point Encryption) and “device management services.”

The network edge will continue to blur. In 2015, organizations will begin incorporating mobile context into their security strategies. As mobile becomes ubiquitous, firewalls, IPS, malware protection systems, and other legacy technologies will not be equipped to protect corporate information in mobile environments. Security organizations will need a better view into the security context of devices, apps, and mobile networks to automate security controls for protecting corporate data. As data increasingly exists on mobile devices and in the cloud, solutions that can secure and separate corporate clouds and personal clouds will gain traction. 

The bottom line is that 2015 will see attackers focused more on mobile attacks. As a result, organizations will scramble to fortify their deployments. To quote Sun Tzu’s Art of War, "So in war, the way is to avoid what is strong and to strike at what is weak." It will be important for organizations with mobile deployments to ensure their security strategy covers the weaknesses that remain in many deployments. "The art of war teaches us to rely, not on the likelihood of the enemy’s not coming, but on our own readiness to receive him." Ensure your defenses are up for 2015. The security technology exists and it's time to embrace it. 

Michael T. Raggo has over 20 years of security research experience. His current focus is social media threats impacting the enterprise. Michael is the author of "Mobile Data Loss: Threats & Countermeasures" and "Data Hiding: Exposing Concealed Data in Multimedia, Operating ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
LGeek
50%
50%
LGeek,
User Rank: Apprentice
8/31/2015 | 9:51:14 AM
iOS vs Android...
It's pretty logical that iOS is more secure than Android I guess... All the manufactors around the world using Android as their main OS of development vs the giant one firm "Apple" that conduct all their research for one blocked as hell OS/Kernel... Android is more open to developpers so it's just normal for hackers to find bugs faster... It's just my thoughts...


Thanks for the article !
More Commentary
A Wild Ride Comes to an End
Covering the financial services technology space for the past 15 years has been a thrilling ride with many ups as downs.
The End of an Era: Farewell to an Icon
After more than two decades of writing for Wall Street & Technology, I am leaving the media brand. It's time to reflect on our mutual history and the road ahead.
Beyond Bitcoin: Why Counterparty Has Won Support From Overstock's Chairman
The combined excitement over the currency and the Blockchain has kept the market capitalization above $4 billion for more than a year. This has attracted both imitators and innovators.
Asset Managers Set Sights on Defragmenting Back-Office Data
Defragmenting back-office data and technology will be a top focus for asset managers in 2015.
Register for Wall Street & Technology Newsletters
White Papers
Current Issue
Wall Street & Technology - Elite 8
The in-depth profiles of this year's Elite 8 honorees focus on leadership, talent recruitment, big data, analytics, mobile, and more.
Video