The Troubled State of Mobile Security for SMEs

With the rising number of attacks on smartphones, we look at the stats, some of the companies and what mobile security means to enterprises in the UK. 

The mobile security ecosystem has successfully thwarted several cybersecurity challenges in recent years. Even the average cyber breach size has gone down to 23,600 records in the UK against a global figure of 25,575.

However, the other statistics are staggering and present a problematic state of mobile security in the UK. Hiscox’s numbers suggest that one SME is attacked and hacked every 19 seconds in the UK. These enterprises have been bearing the brunt of failed security architecture lately. A study by IBM found that UK enterprises lose $3.88 million (£2.82 million) on average per data breach.

The Rising Number of Attacks on Smartphones 

With the escalating use of mobile devices, rising malware threats against smartphones have captured global attention. Consumer demands are expanding, and so is a manufacturer’s tendency to win customer approval. Today, most smartphone technologies are awash with codes. Critically, these codes can be abused by exploiting the easily identifiable bugs.

Mobiles are prone to faulty designs, and IT companies have allegedly compromised security over features to stay in the race. For example, the growing trend of ‘thin’ smartphones with optimum camera quality and battery life comes with jeopardised security factors, including initialising cryptographic keys to the device’s very own application processor or SoC. Apple, once lauded for user security, has released buggy codes repeatedly in the past few years. Microchip vulnerabilities are harder to deny nowadays.

The notorious Meltdown and Spectre shook the ICT industry when the Google-backed Project Zero team depicted how executing third-party code on processors invites considerable security risks. These security weaknesses are interconnected, creating a malicious trap to siphon user data, spy on key personalities and even pull financial scams. At times, hackers prey upon the bug bounty ecosystem and find methods to launder these security attacks by capitalising on them.

Another potential yet low-lying security threat to mobile infrastructure is cryptojacking, where hackers can exploit smartphones without user authorisation to mine cryptocurrency.

Today, the onus for securing mobile devices against unwanted threats is on operating systems – both Android and iOS, thus putting stress on the already vulnerable sector.

What Does Mobile Security Mean to Enterprises? 

From an organisational perspective, remote working in 2020 and 2021 has drastically weakened the traditional ‘securing the network area’ approach. Moreover, the digital infrastructure has spread to a point where malware detection, antivirus or nominal security applications are beginning to lose their decades-old prestige in countering cyber threats.

Besides, corporate data is most vulnerable with smartphones. A study by Verizon recorded that 60% of organisations are wary of mobile devices used on premises and consider smartphones a major security hazard.

To counter mounting threats, several enterprises are seeking third-party avenues to secure their communications and employee privacy.

Tessian is one of the names filling in the gaps here. The enterprise aims to protect all human-digital interactions in an organisation by deploying machine learning against spamming emails, unauthorised data retrieval from mobiles, and spear phishing. Its services are available for both mobile and computer devices.

Tessian’s flagship Human Layer Security model has consumers in various sectors – such as legal, fintech and healthcare. Arm, Affirm and Investec have employed Tessian to stop attacks stemming from email marketing. Tessian has also recently completed a Series C round which saw an investment of $65 million (£47.3 million).

Salt Communications is based in Belfast and is guarding user privacy within mobile communications. An open source startup, Salt offers an encrypted and autonomous communication portal to organisations and even private clients to secure their chats, calls and multimedia messages. The startup is more relevant now as the Pegasus controversy has put some countries in the spotlight over alleged spying on media persons, businesses and certain critics. Salt’s client list includes the military, governments, especially in the Middle East, and the judicial system.

Hampshire’s Onecom is also supporting the telecommunication market with threat detection. With Apple, Samsung and Vodafone as its partners, OneCom offers a mobile device management (MDM) platform. MDM allows ICT companies to centralise all devices to one hub. Also, users can block, restrict or grant limited access to applications installed on devices, adding an extra layer of user consent management.

Onecom’s initial success was tailored from a partnership with Ageas Bowl and Coulson’s mobile solutions in the early 2000s. In 2019 the firm raised £100 million in its equity funding round. With developments in 5G and talks about generous investment in cyber infrastructure, OneCom’s market segment is sure to expand in the coming years.

Where Next for the Existing Security Crisis?

At the event CYBERUK 2021, Dominic Raab, the Foreign Secretary, precisely pointed at the state of cybersecurity in the UK and globally. With rapid attacks mounting on the NHS through WannaCry, Raab has called for a global response against cyber terrorism and a pledge to invest £22 million in cyber infrastructure. The call is in unison with the growing mobile security market. Businesses now need to ramp up mobile critical infrastructure, deploy rooting prevention and ensure code obfuscation for third parties.

As per Allied Market Research, the mobile security ecosystem will touch the $122.89 billion (£89.43 billion) mark by 2027, a highly ambitious number for the UK to target. Mobile security has always stood as the epitome of data confidentiality and integrity. Today, it is under attack.

Pim Donkers, CEO, ARMA Instruments, points out most users are ignorant of the fact that security and smartphones go hand in hand; it is, in fact, one concept.

Organisational security has now become a part of the high-level executive conversation; it is now time that the debate reaches the attention of SME owners and the general public.

Avya Chaudhary
Avya Chaudhary is an engineer turned writer and an ardent potterhead. Currently associated with TechnologyAdvice as a freelance writer, Avya develops high-quality content for businesses. She also has a well-demonstrated history of working with NGOs, civil societies and currently pursuing her passion for community service and content marketing.

Popular Articles