For years, security researchers and leaders have warned: “The mobile threat is coming.” Well, in 2016 it arrived in full force. Attackers are finding new, creative means of stealing user credentials and penetrating critical systems via the mobile channel. And healthcare entities—with an increasingly mobile workforce and patient population—are square in the middle of this expanding mobile threatscape, as attackers seek to capture and monetize critical healthcare data.
What are the most prevalent new threats, and what are leading organizations doing to bolster mobile security as we head into 2017?
This interview with BlackBerry VP Government Solutions Sinisha Patkovic, on Mobile Security: Preparing for the 2017 Threat Landscape, was produced for of a recent ISMG Security Executive Roundtable sponsored By BlackBerry.
2. For years, security researchers and leaders have warned: “The
mobile threat is coming.” Well, in 2016 it arrived in full force.
Attackers are finding new, creative means of stealing user
credentials and penetrating critical systems via the mobile
channel. And healthcare entities—with an increasingly mobile
workforce and patient population—are square in the middle of
this expanding mobile threatscape, as attackers seek to capture
and monetize critical healthcare data.
What are the most prevalent new threats, and what are leading
organizations doing to bolster mobile security as we head into
2017?
Welcome to this exclusive executive roundtable discussion on
Mobile Security: Preparing for the 2017 Threat Landscape.
This invitation-only roundtable will draw upon insight from new
mobile security research developed by BlackBerry Limited,
which finds that 37 percent of healthcare organizations do
not believe their current mobile device security strategies are
sufficient. Through an interactive discussion of threats, strategies
and solutions, attendees will tackle topics such as:
• Top mobile threats to healthcare organizations;
• The most important elements of an effective mobile security
strategy;
• How to overcome resistance by users who view mobile
security controls as an obstruction.
In addition to the peer-to-peer dialogue, benefit from
BlackBerry’s new mobile security research, which reveals:
• 73 percent of organizations have a mobile security strategy
in place, but only 3 percent say they have implemented the
highest levels of security;
• 82 percent of executives say mobile security precautions
cause at least some frustration among employees;
• 44 percent fear that too much mobile security will prevent
employees from doing their jobs.
You’ll have the opportunity to discuss this evolving mobile
threat landscape with a handful of senior executives and market
leaders in an informal, closed-door setting, from which you will
emerge with new strategies and solutions you can immediately
put to work.
Introduction
Key Takeaway: Through interactive dialogue, understand how your peers are
tackling emerging mobile security threats. Walk away with new insights and
ideas about the threat landscape and how to prepare to tackle it in 2017.
Mobile Security: Preparing for the 2017 Threat Landscape 2
3. Discussion Points
Among the questions to be presented for open discourse:
• How do you assess the state of mobile security at your organization today?
• What points stand out to you from the mobile security research that was just shared?
• What do you see as the top mobile security threats to your organizations heading into 2017?
• What level of resistance do you face from your own end users, who see security as an obstruction?
• How do you counter this resistance?
• What are the key elements of your mobile security strategy for 2017?
• What types of investments will you make to fulfill that strategy?
Mobile Security: Preparing for the 2017 Threat Landscape 3
4. About the Expert
Joining our discussion today, to share the latest insights and
case studies on mobile security, is:
Sinisha Patkovic
VP Government Solutions,
BlackBerry Limited
Patkovic leads a global team with the remit that the BlackBerry security product offering remains
relevant to both commercial and public sector organizations’ evolving set of needs. He has been
working on secure communications projects with many federal governments and has been actively
engaged in the dialog on emerging issues spanning cybersecurity, ecommerce, and privacy.
About BlackBerry
BlackBerry secures, connects and mobilizes the enterprise. For today’s enterprise of things,
BlackBerry provides devices and a software platform that enables and manages security, mobility
and communications between and among hardware, programs, mobile apps and the internet of
things. Founded in 1984 and based in Waterloo, Ontario, BlackBerry operates in North America,
Europe, Middle East and Africa, Asia Pacific and Latin America. The Company trades under the ticker
symbols “BB” on the Toronto Stock Exchange and “BBRY” on the NASDAQ.
For more information, visit www.BlackBerry.com.
Mobile Security: Preparing for the 2017 Threat Landscape 4
5. About the Moderator
Leading our discussion today is:
Mathew Schwartz
Executive Editor,
Information Security Media Group
Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers
and electronic media. He has covered the information security and privacy sector throughout
his career. Before joining Information Security Media Group in 2014, where he now serves as the
Executive Editor, DataBreachToday, and European News Coverage, Schwartz was the information
security beat reporter for InformationWeek and a frequent contributor to DarkReading, amongst
other publications. He lives in Scotland.
About ISMG
Information Security Media Group (ISMG) is the world’s largest media organization devoted solely
to information security and risk management. Each of our 28 media properties provides education,
research and news that is specifically tailored to key vertical sectors including banking, healthcare
and the public sector; geographies from North America to Southeast Asia; and topics such as data
breach prevention, cyber risk assessment and fraud. Our annual global Summit series connects
senior security professionals with industry thought leaders to find actionable solutions for pressing
cybersecurity challenges.
For more information, visit www.ismgcorp.com.
Mobile Security: Preparing for the 2017 Threat Landscape 5
6. NOTE: In advance of this event, ISMG’s Mathew Schwartz spoke
with BlackBerry’s Sinisha Patkovic about mobile security. Here is
an excerpt of that conversation.
Research Highlights
MATHEW SCHWARTZ: BlackBerry recently conducted some
mobile security research. What would you say are some of the
highlights of this study?
SINISHA PATKOVIC: We do studies as frequently as we can to
understand what the market is asking and what new features,
new products and areas of innovation we need to work on. We’re
currently in a strong innovation cycle, with some of our new
products having to do with mobile security and the internet of
things, as well as helping enterprises in general do more with less
but in a very secure manner.
We’ve found that the threat landscape has been changing over
the past few years. Recently, we’ve seen one of those interesting
new IoT attacks which essentially bridge the omnipresence of
devices connected to the internet. As we have more and more
of these devices connected inside and outside the enterprise,
getting these comprehensive tools put into place by enterprise IT
is more critical than ever. This is pretty much in the center of our
interest.
Mobile Security Threats
SCHWARTZ: What do you see as some of the top mobile security
threats?
PATKOVIC: There is a huge variety of business in the UK, both
public and private sector, from small ones with very small IT
shops to large ones with sophisticated, layered enterprise IT
organizations. And each one deals with mobile security threats
differently.
Two things come to mind when we talk to organizations across
all sectors. One is that all of them actually have a lot of extremely
sensitive information, and they want to do everything in their
power to protect them. At the same time, they need to share
that data. So, they struggle with the challenge of collaborating
effectively while not losing that important control.
Two, organizations have become very conscious of the many
computerized and interconnected tools and devices they use,
all of which generate data. These tools and devices can be
compromised through vulnerabilities in supply chains or while in
operation. Either scenario can take out critical IT systems and put
data at risk.
As you can see, there is a desperate need for better, more secure
workflows during all of these processes.
CONTEXT
Discussion Points
Q&A with Sinisha Patkovic of BlackBerry on Mobile Security
“[H]ealthcare organizations have become
very conscious of the many computerized
and interconnected tools and devices
they use, all of which generate data.”
Mobile Security: Preparing for the 2017 Threat Landscape 6
7. User Resistance
SCHWARTZ: How can security leaders overcome this resistance
from end users who sometimes see security as an obstruction to
them being able to do their jobs?
PATKOVIC: You’ve just asked one of the most fundamental IT
security questions. And the answer to it is in the transparency
and the ease of use of security. Usability will win over anything
that’s thrown at the users. Users, typically, will go with the least
resistance, no matter what.
When organizations deploy secure file sharing systems, their
employees suddenly start accessing files from their phones,
desktops and laptops and share documents with their internal
colleagues as well as with their peers at other agencies. And they
can do so without fear of losing control. When employees realize
they can provision a document for sharing—or revoke that access
once it’s no longer needed—with a touch or a flick, they are more
effective and productive, and organizations are safer overall.
Mobile Security Strategy
SCHWARTZ: In today’s landscape, what are the key elements of a
mobile security strategy?
PATKOVIC: Organizations want to make sure security is baked in
at both the device and application level and layered in throughout.
That means they want ease of application deployment, and they
want ease of use in both corporate-owned devices, as well as
BYOD. They want simplicity and consistency of interface, but most
importantly, they want a really high level of security.
One of the biggest trends in today’s landscape, therefore,
is supplying easy to use, two-factor authentication over an
application container. This means you can bring your own
device to the enterprise and have it provisioned on the fly. You
can access your corporate apps whether you’re an employee
or coming from the outside as a partner. Your apps are pushed
to you on the fly, via two-factor authentication that’s easy to
revoke once you no longer need that access. Having that ease of
deployment for IT and ease of use for the end user is a win-win
strategy.
SCHWARTZ: Talk to me a little bit about BlackBerry. How are you
helping your customers respond better to today’s mobile threats?
PATKOVIC: Strategic mobility is the primary theme with our
customers today. We’re past the time when MDM or simplistic
EMM is sufficient. Shops that just deploy MDM controls see little
return on investment because their end users are unhappy with
its limited functionality. For instance, if your MDM tooling doesn’t
keep work and personal mailboxes segregated, you could lose
personal data on doctors’ BYOD devices if you have to remove
them or wipe them. Or worse, if your tooling does not allow for
work-specific access control, you will have to enforce a lock
on the entire device. This causes staff to be unable to respond
to personal or other emergencies outside of the organization
whenever their phone is locked, and your Help Desk will get
swamped with high-priority user calls.
We’ve done a tremendous amount of work on bringing together
the most comprehensive portfolio in terms of security and
enterprise mobility. It enables our customers to very quickly
create a secure, strategically protected mobile environment. We
help them devise a strategic path for them to secure their mobile
enterprise. We offer a very comprehensive and layered portfolio
that encompasses EMM, MDM, file sharing, container systems,
and two-factor authentication, all of which can work across all
devices in all modes of operation. They need just one tool set
to run, subscribe to and administer different sets of controls and
strategies to all of their various departments.
And the customers can really go and pick different departments
in their organization and deploy different sets of controls and
strategies for each with only one tool set—one tool set to run, one
tool set to subscribe to, and one tool set to administer.
Since January of 2016, we’ve won contracts with 11 out of 43
U.K. law enforcement agencies both in terms of switching from
competitive solutions and in terms of operating their suites with
the latest BlackBerry Enterprise Portfolio, which encompass EMM
tools, file-sharing and real-time secure chat, among other tools.
Our customers realize the opportunity we can provide them
and leverage our portfolio to provide their organization with a
sustainable mobile strategy that protects against threats and
improves productivity for the next several years. n
“Usability will win over anything
that’s thrown at the users. Users,
typically, will go with the least
resistance, no matter what.”
Mobile Security: Preparing for the 2017 Threat Landscape 7
8. 902 Carnegie Center • Princeton, NJ • 08540 • www.ismgcorp.com
About ISMG
Information Security Media Group (ISMG) is the world’s largest media organisation devoted solely to information
security and risk management. Each of our 28 media properties provides education, research and news that is
specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from
North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud.
Our annual global Summit series connects senior security professionals with industry thought leaders to find
actionable solutions for pressing cybersecurity challenges.
Contact
(800) 944-0401 • sales@ismgcorp.com