Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Security vendors failing to tackle mobile malware, say CISOs

Smaller point solutions are dominating the market, as traditional vendors get left behind

Article comments

Malware is still the biggest threat to mobile security, but most mobile device management (MDM) strategies tend to focus on securing the physical device in case of loss of theft, rather than protecting from cyber threats, according to Peter Gibbons, head of Information Security at Network Rail.

Speaking at the Infosecurity Europe 2013 press conference in London this week, Gibbons said that although mobile malware still only represents a tiny fraction of the total amount of malware in the world today, it is growing exponentially.

“Sooner or later someone is going it get it right and find a vulnerability in iOS or Android or Windows 8 – whatever it happens to be – and they're going to cause a significant loss of data through injected malware. In my view it's a matter of time,” he said.

Gibbons said that the scarcity of anti-malware products for mobile is a result of the way the security industry has evolved. Fifteen or twenty years ago it was all about anti-virus and firewalls and intrusion detection, but more recently the industry has become more concerned with protecting data.

“We started progressing away from securing the platform to securing the data, and then we got a new platform and it hasn't had that experience built into it, so I think there is a general naivety around that,” he said.

The traditional security vendors have also been slow to come up with mobile-specific security solutions, which has resulted in the market becoming dominated by smaller MDM companies like TouchDown and Good Technology, according to Gibbons.

“I get probably 10-15 calls a week from a technology vendor saying, can I come and meet you to tell me how brilliant my product is?” he said.

“When they're talking about mobile security technologies, it's not the big security companies. It's the smaller security companies, the single products, and they've broken into that market. I'm not getting McAfee and Symmantec asking about my mobile security.”

Although the traditional vendors are being left behind, however, the industry as a whole is moving in the right direction according to Andrew Yeomans, board member of the Jericho Forum. He added that mobile malware is still a fairly low-level concern for Chief Information Security Officers (CISOs).

“We ought to be aware that it's a possibility, but it's not something that's going to make me lose a lot of sleep for quite a long time,” he said.

Yeomans added that we are currently in the second phase of a major change in the security landscape. The first focused on controlling the network; then the network expanded and started connecting to thousands of devices, so the security moved down to the end points.

“The third phase is when we realise it's actually very expensive to do that, and most of the data we're passing round doesn't need protecting anyway, so let's move the protection down to the bits of data that actually matter to us,” he said

“Then it doesn't matter where you go, you can't actually access those bit of data unless you've got the appropriate keys and permissions to do so.”

The Infosecurity Europe summit takes place between 23-25 April 2013 at Earl's Court London.


More from Techworld

More relevant IT news


Jim Meyers said: If youre going to report the bad gotta throw in the good too A lot of forces in this industry arent sitting idly by while malware runs wild AppThority for instance partnered late last year with Airpush to combat malware which is definitely a problem AppThority is setting a high bar and so is Airpush especially for an Android ad network Hopefully well see more of this And hopefully it will be reported httpblogairpushcomhow-ai

Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *