how to gather global mobile threat intelligence

By 2018, 25% of corporate data traffic will flow directly from mobile devices to the cloud bypassing enterprise security controls.

By 2020, 60% of digital businesses will suffer major service failures, due to the inability of IT security teams to manage digital risk.

Gartner, Special Report: Cybersecurity at the Speed of Digital Business, Paul E. Proctor,  Ray Wagner, August 30, 2016

Have we adopted a position concerning the acceptable risk posture of mobile devices, and can we enforce it?

Have we performed an assessment of all potential risks associated with our mobile apps?

Do we know if threats are being perpetrated on our employees’ mobile devices today?

Global Threat Analysis Report Over 3800 Critical* threats in 7 days

• 63% of threats were network based

• 36% were App based

• >1000 devices involved across 86 unique networks

Top 4 Threats• Suspicious Apps (36%)• Fake SSLs (35%)• SSL Strip (23%)• ARP/ICMP MITM (4%)

ARP MITMFake SSL certificate MITM

ICMP Redirect MITMRogue Access Point

SSL StripSuspicious Android App

System TamperingTraffic Tampering

Grand Total

24362

186

114514

1315

1066

# of Devices

2%36%

2%0%

23%

36%

1%1%

# of Threats

ARP MITM Fake SSL certificate MITM

ICMP Redirect MITM

Rogue Access Point

SSL Strip Suspicious Android App

System Tampering Traffic Tampering

App Based36%

Device Based

1%

Network Based63%

Threat Distribution

App BasedDevice BasedNetwork Based