As we prepare to enter 2021, mobile undoubtedly dominates all digital traffic and drives the global economy. As a result, mobile apps also have become a top target for attackers and a high-risk vector for users and businesses alike. However, investment in mobile app security hasn’t kept pace with the market changes. In fact, Gartner has warned, “Through 2022, mobile application security failures will be the biggest mobile threat for enterprises.”
Mobile-first organizations have delivered new, unique experiences to increase engagement and time spent in apps. This digital transformation has spawned entirely new businesses and disrupted traditional businesses that now rely on mobile apps to unlock new revenue streams, improve customer engagement and empower remote work at anytime and anywhere. In order to succeed, companies must offer an innovative mobile app user experience combined with proper security and privacy protections.
The uptick of mobile apps has been dramatic! During 2020, time spent in mobile apps soared by 40% year over year in part due to the pandemic, ultimately strengthening user preference for mobile apps permanently. Mobile apps have generated an outstanding economic impact in 2020, posting the highest-ever consumer spend in mobile app stores overall up 25% YoY each quarter with $23.4bn in Q1, $23.3bn in Q2, and $28bn in Q3.
Track the latest mobile app usage and breaches in the news curated by NowSecure here.
Mobile minutes increased to 79% of total digital minutes in 2020 and mobile apps account for 88% of all time spent on mobile, according to Comscore. The typical mobile user has at least 60 mobile apps and enterprises collectively have anywhere from hundreds to tens of thousands of mobile apps installed on their employees’ devices. Mobile apps frequently dominate usage thanks to convenient instantaneous access and ease of use for specific tasks. In addition, mobile apps take advantage of sensors, geolocation and other features to deliver unique experiences.
Here are some highlights of the dramatic increase in mobile app downloads and session time:
The dramatic growth in mobile apps and mobile users has attracted the attention of attackers, cybercriminals and nation-state threat actors seeking to exploit security and privacy vulnerabilities. In some instances, organizations are unaware of the inherent risks of mobile apps, while others choose to prioritize other security and risk efforts which leaves their businesses in peril.
“Mobile application security has become a tangible problem for enterprises. While mobile device security has not been a major source of preoccupation and breaches, mobile application security failures are increasingly responsible for fraud and enterprise breaches. Often, these are public facing apps that may be the primary or only way an organization is able to interact with its customers or partners. Because they can run on any mobile device, these apps are built to run in a hostile environment, under the control of an attacker. Security and risk management (SRM) leaders must protect mobile applications to enable the organization to advance toward its digital transformation.”
Gartner: Avoid Mobile Application Security Pitfalls. DZumerle. Published 27 July 2020 – ID G00730988
Here are a few lowlights of mobile application security breaches from just this year alone:
Recognizing the inherent risks they have assumed in their mobilization efforts, forward-leaning organizations have already extended their enterprise risk management programs to include mobile app risk policy, governance and controls; but too many organizations have not. Organizations must factor regulatory fines, brand damage and revenue loss into the way they buy down the risk. A rigorous, consistent mobile application security and privacy testing and monitoring program can identify and minimize risks before they impact an organization’s assets and reputation.
Make sure that you are getting the most out of your security and privacy investments by investing in the areas that are most critical and introduce the most risk to your business — mobile apps. The good news is that advances in mobile appsec technology make it significantly easier, faster and less expensive to secure mobile apps than traditional desktop and web apps.
NowSecure helps organizations effectively and efficiently manage their mobile enterprise risk across the apps they build and use. NowSecure provides a rich solutions portfolio including automated mobile app security and privacy testing tools, mobile risk monitoring with supply-chain mobile store app vetting, expert outsourced pen testing services, secure mobile development training and mobile security program development.
Contact us to learn more about how we can help you secure and manage your mobile risk in 2021.