Gartner Talks Mobile Security + Fake WhatsApp; WannaCry Authors Go Mobile…

save
Share and earn Cybytes
Facebook Twitter LinkedIn Email

I don’t know about you, but the last couple weeks have been exceptionally busy for me using my mobile device while traveling. While I was on the road talking to folks from U.S. federal agencies, electric utilities, and financial firms, Gartner again highlighted the need for mobile security. New threats also appeared tied to Fake WhatsApp and the WannaCry authors caused concern and drove queries to Zimperium. 

In a recent Computerworld article, “The best mobile threat defense is mobile threat detection”, Dionisio Zumerle, research director for mobile security at Gartner, made a strong case for mobile threat defense (MTD). The subhead of the article sums up the main point succinctly:

 “It’s time to add MTD to your Enterprise Mobile Management toolkit. Because it’s better to get ahead of mobile threats than it is to try and clean them up after you’ve been attacked.”

Important points from the article and Dionisio:

  • By 2019, mobile malware will amount to one-third of total malware; up from 7.5% today.
  • By 2020, 30% of organizations will have MTD in place.
  • MTD solutions must cover applications, networks and device-level threats to iOS and Android phones and tablets to be effective.
  • Solutions are called mobile threat *defense* rather than detection because “solutions not only detect, but also can prevent and remediate threats,” according to Dionisio.
  • Machine learning has emerged as a foundational technology in mobile threat detection. It is required to find all threats, including malware. According to Jack Gold, principal analyst at J. Gold Associates, “Before, you could do a scan of the binary and find patterns that didn’t match what they were supposed to do and detect it. Now, malware is often much more subtle and harder to find with a scan. You need to find the behavior of the app.”
  • Mobile application “reputation solutions,” which are used to perform app vetting, are converging with MTD in a single solution.
  • Tactically, Gartner recommends enterprises:
    • Introduce MTD solutions gradually, depending on industry, applicable regulations, the sensitivity of data on mobile devices, specific use cases and organizational risk appetite.
    • Adopt MTD sooner in high-security verticals, with large Android device fleets, or in regulated verticals, such as finance and healthcare.
    • Integrate MTD with enterprise mobility management (EMM) tools.

In the end, Zimperium is mentioned as one of the leaders in the MTD market (we are top two based on my assessment/knowledge, and really the leader in enterprise-grade MTD), and Dionisio wraps things up with a simple statement I completely agree with: “In a nutshell, MTD solutions should be all-around mobile security solutions for enterprises.”

From the threat side of things, the last few weeks also saw our outstanding research team, zLabs, discover new malware behind the Fake WhatsApp, and Android-targeting malicious apps connected to the North Korea-backed Lazarus Group (the threat actors behind the 2014 Sony Pictures breach and current WannaCry) were found.

I can’t wait to see what the next couple weeks bring, and I would love to hear everyone’s thoughts on the article / Gartner’s perspective and the new threats. Please contact us with any questions or join our webinar on December 14 where we disclose enterprise mobile threats from the third quarter.

The post Gartner Talks Mobile Security + Fake WhatsApp; WannaCry Authors Go Mobile… appeared first on Zimperium Mobile Security Blog.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
Follow
1987 Followers
About Zimperium
Zimperium, the industry leader in Mobile Threat Defense, offers real-time, on-device protection against both known and previously unknown threats, enabling detection and remediation of attacks on all three mobile threat vectors - Device, Network and Applications. Zimperium’s patented z9™ detection engine uses machine learning to power zIPS™, mobile on-device Intrusion Prevention System app, and zIAP™, an embedded, In-App Protection SDK that delivers self-protecting iOS and Android apps. Leaders across the mobile ecosystem partner with Zimperium, including mobile operators (Airtel, Deutsche Telekom, SmarTone, SoftBank and Telstra), device manufacturers (Samsung, SIRIN, TriGem), and leading enterprise mobility management (EMM) providers (AirWatch, MobileIron, BlackBerry, Citrix and SAP). Headquartered in San Francisco, Zimperium is backed by Sierra Ventures, Samsung, Telstra, Warburg Pincus and SoftBank. Learn more at www.zimperium.com or our official blog at https://blog.zimperium.com.
Promoted Content
Mobile Threat and Vulnerability Report
Download Zimperium's Enterprise Mobile Threat Report for information mobile malware and Wi-Fi attacks around the globe plus how to defend against, KRACK, BankBot, and other mobile device vulnerabilities.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel