I don’t know about you, but the last couple weeks have been exceptionally busy for me using my mobile device while traveling. While I was on the road talking to folks from U.S. federal agencies, electric utilities, and financial firms, Gartner again highlighted the need for mobile security. New threats also appeared tied to Fake WhatsApp and the WannaCry authors caused concern and drove queries to Zimperium.
In a recent Computerworld article, “The best mobile threat defense is mobile threat detection”, Dionisio Zumerle, research director for mobile security at Gartner, made a strong case for mobile threat defense (MTD). The subhead of the article sums up the main point succinctly:
“It’s time to add MTD to your Enterprise Mobile Management toolkit. Because it’s better to get ahead of mobile threats than it is to try and clean them up after you’ve been attacked.”
Important points from the article and Dionisio:
- By 2019, mobile malware will amount to one-third of total malware; up from 7.5% today.
- By 2020, 30% of organizations will have MTD in place.
- MTD solutions must cover applications, networks and device-level threats to iOS and Android phones and tablets to be effective.
- Solutions are called mobile threat *defense* rather than detection because “solutions not only detect, but also can prevent and remediate threats,” according to Dionisio.
- Machine learning has emerged as a foundational technology in mobile threat detection. It is required to find all threats, including malware. According to Jack Gold, principal analyst at J. Gold Associates, “Before, you could do a scan of the binary and find patterns that didn’t match what they were supposed to do and detect it. Now, malware is often much more subtle and harder to find with a scan. You need to find the behavior of the app.”
- Mobile application “reputation solutions,” which are used to perform app vetting, are converging with MTD in a single solution.
- Tactically, Gartner recommends enterprises:
- Introduce MTD solutions gradually, depending on industry, applicable regulations, the sensitivity of data on mobile devices, specific use cases and organizational risk appetite.
- Adopt MTD sooner in high-security verticals, with large Android device fleets, or in regulated verticals, such as finance and healthcare.
- Integrate MTD with enterprise mobility management (EMM) tools.
In the end, Zimperium is mentioned as one of the leaders in the MTD market (we are top two based on my assessment/knowledge, and really the leader in enterprise-grade MTD), and Dionisio wraps things up with a simple statement I completely agree with: “In a nutshell, MTD solutions should be all-around mobile security solutions for enterprises.”
From the threat side of things, the last few weeks also saw our outstanding research team, zLabs, discover new malware behind the Fake WhatsApp, and Android-targeting malicious apps connected to the North Korea-backed Lazarus Group (the threat actors behind the 2014 Sony Pictures breach and current WannaCry) were found.
I can’t wait to see what the next couple weeks bring, and I would love to hear everyone’s thoughts on the article / Gartner’s perspective and the new threats. Please contact us with any questions or join our webinar on December 14 where we disclose enterprise mobile threats from the third quarter.