How to Gather Global Mobile Threat Intelligence
TRANSCRIPT
By 2018, 25% of corporate data traffic will flow directly from mobile devices to the cloud, bypassing enterprise security controls.
By 2020, 60% of digital businesses will suffer major service failures, due to the inability of IT security teams to manage digital risk.
Gartner, Special Report: Cybersecurity at the Speed of Digital Business, Paul E. Proctor, Ray Wagner, August 30, 2016
Have we adopted a position concerning the acceptable risk posture of mobile devices, and can we enforce it?
Have we performed an assessment of all potential risks associated with our mobile apps?
Do we know if threats are being perpetrated on our employees’ mobile devices today?
Global Threat Analysis Report
Over 3800 Critical* threats in 7 days
• 63% of threats were network based
• 36% were App based
• >1000 devices involved across 86 unique networks
Top 4 Threats
• Suspicious Apps (36%)
• Fake SSLs (35%)
• SSL Strip (23%)
• ARP/ICMP MITM (4%)
[Charts: "# of Devices" and "# of Threats" by threat type: ARP MITM, Fake SSL certificate MITM, ICMP Redirect MITM, Rogue Access Point, SSL Strip, Suspicious Android App, System Tampering, Traffic Tampering]
Threat Distribution
• App Based: 36%
• Device Based: 1%
• Network Based: 63%