When asked why he decided to become a bank robber, Willie Sutton supposedly said “because that’s where the money is.” And, in the 1950s, the statement (whether or not it’s attributable to Sutton) was certainly true.
It’s also true that things have changed significantly in the last half century. Breaking into a bank vault might still result in a windfall for a criminal, but a great deal of commercial activity now lives in cyberspace. If the bandits of the early 20th century were alive today, I’d expect to find them sitting in front of a computer.
Global e-commerce is expected to total $1.4 trillion by 2015. I bet you can appreciate what an appealing target that is for the bad guys. What’s more, those bad guys are developing increasingly sophisticated means for infiltrating networks and devices. Spyware, for instance, can collect data such as credit card numbers, bank account information, usernames and passwords – and it’s often such an unobtrusive piece of software that people don’t notice its presence.
The threats aren’t limited to computers. Our always-on mobile devices are ripening into a juicy opportunity for cybercriminals as we perform more transactions on the go. Many retailers have optimized their websites for use on smartphones and tablets to make mobile purchasing easier. Near field communication (NFC) technology has the potential to turn your device into a digital wallet. And online banking applications are flooding mobile device app stores.
Mobile commerce only accounts for around two or three percent of the e-commerce market today, but it’s expanding at a rapid rate. A June, 2011 report by Forrester Research, Inc., entitled “Mobile Commerce: 2011 To 2016,” predicts that the industry will reach $31 billion by 2016¹.
There’s a very legitimate concern that companies’ efforts to protect and police e-commerce, especially in the mobile environment, aren’t up to the challenge. Take a look at the infographic below, and you’ll see that more than 80% of IT executives are worried about mobile security. And since only 37% have established security provisions specific to mobile devices, you can understand why. Depending on the type of data and the industry a company belongs to, may require different levels of protection. IT executives not only have to worry about corporate data on a device, but data compromise while communicating and through virus/malware/rogue application on the mobile device. All of this requires a very comprehensive and strategic view of levels of security and solutions to address them.