APAC CIOOutlook

Advertise

with us

  • Technologies
      • Artificial Intelligence
      • Big Data
      • Blockchain
      • Cloud
      • Digital Transformation
      • Internet of Things
      • Low Code No Code
      • MarTech
      • Mobile Application
      • Security
      • Software Testing
      • Wireless
  • Industries
      • E-Commerce
      • Education
      • Logistics
      • Retail
      • Supply Chain
      • Travel and Hospitality
  • Platforms
      • Microsoft
      • Salesforce
      • SAP
  • Solutions
      • Business Intelligence
      • Cognitive
      • Contact Center
      • CRM
      • Cyber Security
      • Data Center
      • Gamification
      • Procurement
      • Smart City
      • Workflow
  • Home
  • CXO Insights
  • CIO Views
  • Vendors
  • News
  • Conferences
  • Whitepapers
  • Newsletter
  • Awards
Apac
  • Artificial Intelligence

    Big Data

    Blockchain

    Cloud

    Digital Transformation

    Internet of Things

    Low Code No Code

    MarTech

    Mobile Application

    Security

    Software Testing

    Wireless

  • E-Commerce

    Education

    Logistics

    Retail

    Supply Chain

    Travel and Hospitality

  • Microsoft

    Salesforce

    SAP

  • Business Intelligence

    Cognitive

    Contact Center

    CRM

    Cyber Security

    Data Center

    Gamification

    Procurement

    Smart City

    Workflow

Menu
    • IBM
    • Cyber Security
    • Hotel Management
    • Workflow
    • E-Commerce
    • Business Intelligence
    • MORE
    #

    Apac CIOOutlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIOOutlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    • Home
    • IBM
    Editor's Pick (1 - 4 of 8)
    left
    Beautifully Autistic - Enabled To Make A Difference What Did My Children Teach Me About Life, Business, And Innovation?

    Ahmed Abukhater, CIO - Chief Innovation Office Boeing

    Fusing Business and Technology to Create Value

    Bob Hennessy, Group CIO, Lendlease [ASX: LLC]

    Data Security across the Enterprise

    Kas Nader, CIO & SVP of Global Technology, Atlanticus Holding

    Evolving Data Security Involves Database Architecture

    Tom Basiliere, CIO, Provant

    Hybrid Intelligence

    Sharam Hekmat, CIO, IOOF Holdings, Australia

    New Technologies bringing Revolution to Remote Access Solutions

    Vijender Yadav, Director & CTO, Propalms Network

    Using digital simulation to inform sustainable growth

    Shaun Nesbitt, Chief Digital and Information Officer, Urban

    Dyno Nobel A Dose of Our Own Medicine

    Sabina Janstrom, IT Director,Dyno Nobel.

    right

    Smart Phones Have Not So Smart Security

    Dan Ross, President & CEO, Promisec

    Tweet
    content-image

    Dan Ross, President & CEO, Promisec

    Smartphones. They have spurred a global revolution in how we work, play, shop, and relate to one another. They fuel innovation and productivity in astonishing ways, reaching even the most distant and underdeveloped corners of the world. They have empowered the disenfranchised, democratized information sharing, and shined a spotlight on corruption. They are also addictive and pervasive, affecting everything from personal health to public safety. And all of this has happened in less than ten years.

    "One of the reasons mobile devices make us so vulnerable to cyber attack is that they are constantly collecting, storing, and transmitting data about us"

    By 2020, there will be over 6 billion smartphone users worldwide, compared to the current 2.6 billion smartphone subscriptions. This meteoric growth over the next 5 years will stimulate more positive developments, powering innovations beyond imagination. But there is a downside to the rapid growth of mobile devices, especially when it comes to BYOD programs in the workplace. Long gone are the days when work and play were kept separate, one on a BlackBerry and the other on an iPhone. Because we use smartphones for every kind of communication and computing task all day long the boundaries between business and personal use are blurred and all types of data, including sensitive corporate information, are commingled.

    Smartphones are so wildly popular because of the convenience and ease they bring to our daily lives; paying careful attention to security measures or restricting our use goes against our human nature. Of course, we must create and enforce BYOD policies and raise awareness through training—for the sake of personal security and the protection of business networks and assets. But with billions of mobile users and a rapidly proliferating Internet of Things, no amount of policy or training will solve the growing risks created by these devices and their users. The technology itself must be made smarter and more secure. Everything from operating systems to device settings to apps to data to hardware is subject to attack. And each device and platform has proprietary and transparency issues; consumers are left with few truly secure choices. Options that are affordable as well as secure are even more limited.

    As of 2015 Q2, Android market share was 82.8percent, iOS 13.9percent, and BlackBerry 0.3percent. Android handsets tend to be more affordable, in part due to the competition among manufacturers. Samsung, Huawei, Xiaomi, and Lenovo are on top for now. Unfortunately, this also means that the more insecure devices, OS, and apps are the most prevalent. The Stagefright security flaws (now identified as two strains) potentially affect over a billion Android users.

    The flaws make it possible for hackers to take control of a device and steal data, with the trigger being as simple as receiving a text message or auto-playing an audio or video file. Google promptly issued patches, but the device manufacturers are notoriously slow to release updates and consumers are even worse at applying them. A particularly egregious example from earlier this year is Samsung’s pre-installed SwiftKey keyboard. SwiftKey updates over unencrypted lines, leaving devices vulnerable to man-in-the-middle attacks wherein hackers create spoof proxy servers to send malicious code to the devices. Users were not able to download a new keyboard to fix the bug, and because it was tied to the operating system, couldn’t uninstall or disable the vulnerable feature, even if they were using a different keyboard app. Samsung required months to fix the issue, and rollouts to carrier networks were slow and spotty. In the end, even savvy users ready to install patches (not the majority, by the way) were left exposed for half a year.

    One of the reasons mobile devices make us so vulnerable to cyber attack is that they are constantly collecting, storing, and transmitting data about us, often without our explicit knowledge or consent. The data layer inherent to apps, web browsers, ecommerce, and social media is a treasure trove of PII, demographics, geo-location data, and online behavioral habits. Companies and marketing organizations are still working through the security and privacy implications of amassing, analyzing, and applying all this consumer data, and a host of regulations have sprung up to protect individuals. But cyber criminals, obviously, operate outside of policy and regulations and are clawing their way through to this invaluable data via multiple attack vectors. Securing this information should be the urgent mandate of any enterprise that uses it. On the other hand, consumers and citizens must be highly vigilant about their personal security and assets, operating always under the assumption that far too much of their information is out of their control and can be used against them.

    Finally, the hardware aspect of mobile devices is in itself a huge problem. The wireless mobility, small form factor, and our habitual public use of these devices makes them all too easy to lose or steal. Thanks to security features added to recent models, more users are using screen locks, but those who don’t have left themselves wide open at any point their device is not in hand. Researchers have found ways to remotely manipulate phones by sending radio signals to headphones; these kinds of vulnerabilities will be exploited more frequently as hackers look for new, more sophisticated ways to control mobile devices undetected.

    As the infrastructure of smart, connected devices (IoT) begins to take shape, mobile devices will increasingly be used to remotely control machines, read sensors, and activate other consumer devices (e.g., appliances, home security systems). This presents yet another urgent reason to figure out how to lock down mobile devices in the event of loss or theft, and to harden the security of every component from hardware to operating system. The potential consequences of kinetic attacks in the physical world launched via mobile device are gravely alarming and will hopefully prompt more serious reflection and remediation than we’ve seen in the wake of numerous massive PII data breaches.

    In the meantime, everything from operating systems to app development to Big Data practices requires greater scrutiny, better planning, and intense testing. Clearly, the development and release of patches needs to be sped up and streamlined. Segmentation of work and personal spaces on each device would ensure that corporate data was more protected and could be more easily controlled by endpoint security solutions and mobile device management products. Vendors should be more transparent with consumers about which apps are accessing data and smartphone functions (e.g., camera, audio recording). They must make it easier in general for users to understand how secure their device is overall, and how to tweak settings for more control and privacy, even if that doesn’t always work in the vendor’s favor.

    We are literally all in this together. Our billions of devices are all interconnected, our data is free ranging, the cyber criminals are targeting all of us, and every type and size of business is at risk because of mobile device vulnerabilities. We should expect and demand better products and services, and use security features whenever feasible. Enterprises should already be setting up overarching training, policy, and technology solutions to protect their supply chains, employees, customers, and assets. Any organization that has failed to do so is courting disaster. Mobile security is a growing challenge that can be dealt with now. Make sure to make mobile security a priority so you won’t be left behind or be left exposed.

    Check this out: Top Managed Security Service Companies in APAC
    tag

    cyber criminals

    cyber attack

    Big Data

    Scrutiny

    IoT

    Public Safety

    Weekly Brief

    loading
    Top 10 IBM Solution Companies - 2019
    ON THE DECK

    IBM 2019

    I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info

    Read Also

    Technocreativity: The Synergy Of Technology And Creativity

    Technocreativity: The Synergy Of Technology And Creativity

    Tran Nguyen Phi Long, Group Head Of Retail Marketing, Pnj Group
    Leading It And Digital Transformation At Ikea: Insights From An Industry Veteran

    Leading It And Digital Transformation At Ikea: Insights From An Industry Veteran

    Sigit Triwibowo, Head Of It And Digital, Chief Technology And Digital, Ikea
    Executive Leadership And Digital Transformation In The Global Fashion Industry

    Executive Leadership And Digital Transformation In The Global Fashion Industry

    Eiko Ando, E-Commerce And Digital Director, Pvh Corporation
    Digital Transformation in Fashion Retail - From Efficiency to Experience

    Digital Transformation in Fashion Retail - From Efficiency to Experience

    Le Van, CTO, YODY Fashion
    Driving It Transformation at Lactalis Australia

    Driving It Transformation at Lactalis Australia

    Sabina Janstrom, Chief Information Officer, Lactalis Australia
    AI Adoption in Hospitality: Striking the Balance Between Innovation, Excellence and Trust

    AI Adoption in Hospitality: Striking the Balance Between Innovation, Excellence and Trust

    Phiphat Khanonwet, Head of IT, Onyx Hospitality Group
    The AI Rat Race - Keeping Up with New Technologies or Waiting for Maturity?

    The AI Rat Race - Keeping Up with New Technologies or Waiting for Maturity?

    Andreas Kurz, Global Head of Digital Transformation, ALFAGOMMA Group
    The Role Of Digitalization In Transforming Airport Customer Experiences

    The Role Of Digitalization In Transforming Airport Customer Experiences

    Kebebew Bulto, Director Addis Ababa Bole International Airport, Ethiopian Airlines
    Loading...
    Copyright © 2025 APAC CIOOutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy and Anti Spam Policy 

    Home |  CXO Insights |   Whitepapers |   Subscribe |   Conferences |   Sitemaps |   About us |   Advertise with us |   Editorial Policy |   Feedback Policy |  

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://ibm.apacciooutlook.com/cxoinsights/smart-phones-have-not-so-smart-security-nwid-705.html