Insights by sector

Financial services

Customers put a lot of trust in their financial institutions, and that means these organizations are under pressure to stay secure. Ninety-five percent said their customers expect a reliable service, and any less could have a lasting impact on their reputation. But they’re also at serious risk—87% said that cybercriminals see their sector as a more lucrative target than other industries.

In this year's study, we found that almost half (48% ) had sacrificed security in the name of expediency. And cutting corners has taken its toll. The sector was the second most likely to have suffered a mobile compromise (47%), behind information and media. Since financial  services companies think that a good cybersecurity reputation is key for attracting customers, they could benefit greatly from reassessing and strengthening their mobile security.

Healthcare

Healthcare organizations are using mobile to empower employees and deliver better patient outcomes. It’s helping to improve outpatient care, reduce readmission rates and provide insights to improve the accuracy of diagnostics  and treatments.

Despite the benefits of mobile, healthcare organizations are worried. Eighty-eight percent said they are concerned that the highly confidential nature of patient data makes them a target for cybercriminals. And it’s more than just privacy that’s at risk. Eighty-five percent said they feared that a security compromise could seriously compromise patient care.

Healthcare organizations also face unique challenges when it comes to security. In a clinical setting, employee efficiency and productivity are crucial. The ability to make fast decisions can mean the difference between life and death. Seventy-two percent of organizations said that this need for speed made it harder to implement effective controls.

Thirty-eight percent of those in our latest survey said that they'd suffered a mobile security compromise—a significant increase from the 25% we reported in 2019.

Information and media

In their quest to create the next commercial success, many information and media companies seem to be neglecting mobile security. Seventy-three percent had knowingly sacrificed security—more than any other industry. And   50% had suffered a compromise involving a mobile device. That’s a major leap from the year before, when just 33% were compromised.

For these creative companies, protecting intellectual property (IP) is often key to their competitive advantage. Over half (55%) of information and media companies were worried about the exposure of their IP or trade secrets, compared to an average of 42% of all companies.

Despite their concerns, only 1 in 10 are following four of the most basic security precautions—changing default passwords, testing security, encrypting data and restricting access on a “need to know” basis.
 

Professional services

Professional services companies — including accountants, lawyers, real estate brokers and surveyors — tend to be customer-facing businesses. More than half were worried about suffering damage to their reputation as a result of a mobile security compromise (55%). They were also concerned about a range of data being compromised or exposed — including sensitive internal or strategic data, employee data and customer data — all cited by more than 70% of industry respondents.

Perhaps that’s why these companies are playing it relatively safe. Of all sectors, they were the least likely to have sacrificed mobile device security (26%). And their efforts seem to be paying off—they were the least likely sector to have suffered a mobile compromise. Just over a quarter (27%) were hit this year. That’s a major improvement on 2019, when over two-fifths (41%) were hit.
 

Manufacturing, construction and transportation

Companies in this sector know that a mobile security compromise can be disastrous. Eighty-nine percent said that a mobile security compromise could disrupt their entire supply chain, with serious financial implications. And if an attacker gained access to critical systems or disrupted machinery, the consequences could be even worse. Eighty- one percent said that a compromise could threaten the physical safety of their employees.

Manufacturers aren’t just worried about falling victim to attacks by random hackers; they’re also concerned about which hands their stolen data could fall into. The vast majority (84%) said they are specifically worried about their competitors stealing their trade secrets or IP.

Yet despite everything that’s at stake, they’re still cutting corners on security: Less than half (45%) said that they change all default passwords or encrypt sensitive data when sending it across public networks (47%). Over two-fifths (41%) suffered a mobile compromise this year, almost twice as many as we found in our previous report.

Public sector and education

Mobile is helping governments and government agencies to serve their citizens and employees better, but it could also put sensitive data and critical systems in danger. 2019 saw a number of U.S. cities being held ransom by hackers, often causing disruption to important public services and infrastructure.

In fact, 77% of public sector organizations said that a mobile security compromise could put people’s lives at risk. But public sector organizations are also worried about staff records being exposed—90% said that their employees’ data is as sensitive as that of the people they serve.

Yet despite the risks, 36% of public sector organizations had sacrificed security to “get the job done.” And these organizations were 2.2 times as likely to have suffered a compromise—a bigger multiplier than in any other sector. Overall, 39% of public sector organizations had suffered a compromise involving a mobile device. That goes up to 44% for education organizations—a significant jump from our 2019 report.

Retail

Retail, travel and hospitality companies are using mobile to appeal to modern consumers and keep physical stores relevant. Mobile is also helping to cut costs and waste from the supply chain. But there’s also a lot at stake — 87% said they are concerned that a mobile security breach could have a lasting impact on their brand and customer loyalty.

Retailers are worried about a wide range of mobile security threats, from emerging ones like cryptojacking to more traditional threats like ransomware and phishing. But they’re also concerned about “insider threats,” rating their employees as the greatest risk when it comes to mobile devices.

Employee actions, even if inadvertent, can expose retailers to greater risk. While 88% of retailers said their frontline staff use mobile devices, only 37% said that these employees have a high level of cybersecurity awareness. And despite the risks, 40% of retailers had knowingly sacrificed mobile security. Our latest data shows that 30% had suffered a compromise—no improvement over our 2019 report.

Small and medium-sized businesses

They might lack the resources and IT budgets of larger enterprises, but that’s not holding small and medium-sized businesses (SMBs) back when it comes to innovation. Mobile and the cloud are levelling the playing field — 83% of SMBs said that cloud-based services are helping them to compete with larger businesses. And 80% said that using mobile to access business systems is key to their profitability and productivity.

But SMBs often lack the in-house expertise to react quickly and mitigate damage if hit by a mobile security compromise. As a result, the impact can be more severe and difficult to recover from — 43% said that mitigation was "difficult and expensive" compared to just 36% of larger companies. They can also find it harder to bounce back from the impact on their customers' confidence and order book. Over half (55%) said that they think that they have more to lose from a security compromise than a large enterprise.

Despite this, 39% of SMBs admitted to having knowingly sacrificed security. And while only 28% had suffered a mobile-related compromise, compared to 44% of larger companies, this is still a sizeable number and shows that hackers don't think SMBs are too small to care about.