Want to learn more about this report, mobile security or the broader cyberthreat landscape? In this section, you'll find information on our survey methodology, details about the data referenced in this report, bios of our contributors and recommended further reading—from law enforcement advisories to spotlights on specific industries and segments.
Verizon thought leadership
Verizon is committed to sharing analysis and insights with the rest of the industry, law enforcement, and public- and private-sector organizations in the interests of improving the security of devices, data and critical infrastructure. As part of this commitment, we publish a number of pieces of research and thought leadership.
Other Verizon Mobile Security Index publications
These concise reports provide detailed insights into the state of mobile security in four key vertical sectors: finance, healthcare, manufacturing and retail.
Small and medium-sized business spotlight
This report gives a deep dive into the threats companies with up to 499 employees are facing.
Public sector spotlight
Learn about the state of mobile security in the public sector—including local, state and federal government and educational institutions.
Other Verizon security reports
Data Breach Investigations Report
The DBIR is one of the IT industry’s foremost security publications. Since 2008, it has provided highly respected insight into the state of cybersecurity based on analysis of real incidents. Overall, the DBIR team has analyzed over 375,000 security incidents, including nearly 18,000 confirmed data breaches, from around the world. The 13th edition will be published in early 2020.
Insider Threat Report
The Insider Threat Report provides detailed insights on five main causes of internal data breaches, so you can strengthen your cybersecurity protections and reduce the risk of valuable assets being compromised from within your business.
Payment Security Report
Verizon’s annual Payment Security Report on payment card security has become vital reading for those responsible for security payment systems. Driven by its analysis of compliance with the Payment Card Industry Data Security Standard (PCI DSS), it offers valuable insight into building proactive, robust security controls and achieving genuine data protection, not just passing the test.
Additional resources from government and law enforcement agencies
FBI advisory on business email compromise
Read the FBI’s statistics on the rise of reported incidents of BEC/EAC fraud around the world, and total reported losses. And learn how to protect your own organization.
FBI advisory on ransomware
Find out how cybercriminals use a variety of techniques to infect their victims' systems with ransomware, how you can protect your organization and what you should do if you’ve been affected.
Mobile security updates from NIST’s center of excellence
The National Cybersecurity Center of Excellence (NCCoE) mobile device security efforts are dedicated to solving businesses' most pressing mobile cybersecurity challenges.
NIST guidance on corporate-owned personally enabled (COPE) devices
Helpful guidance on managing COPE mobile devices and reducing the risk these devices can pose to cybersecurity.
U.K. Home Office buyers' guide to mobile security
Simple guidance on securing your mobile device from the Home Office of Her Majesty's Government of the United Kingdom, responsible for immigration, security, and law and order. Suitable for sharing with device users.
We contracted an independent research company to survey senior professionals responsible for the procurement, management and security of mobile devices. Respondents were invited to complete one of two surveys, one on mobile devices (including tablets, laptops enabled with cellular or Wi-Fi connectivity, and mobile phones) and one on IoT devices (such as connected wearables, smart building systems and fleet management systems).
In total, 876 professionals responsible for the buying, managing and security of these devices responded. The following charts break down the demographics of these respondents.
Our sample included both small companies and large enterprises. Company size was not a strong indicator for most of our questions. Unless stated otherwise, all data in this report is from these surveys.
Asavie simplifies digital transformation for enterprises and OEMs, including the most advanced IoT and enterprise SD-WAN deployments. Its self-serve, programmable SaaS solutions enable secure mobile access in a multicloud, multinetwork world. It unifies visibility and control across all an organization’s mobile and IoT endpoints, legacy and greenfield implementations, providing intelligent insights to help reduce costs and improve overall performance. It is an ISO27001 certified company.
Information supplied by Asavie for this report is based on anonymized data gathered from its base of more than 10,000 enterprise customers over the first 9 months of 2019.
Lookout is a cybersecurity company for the post-perimeter cloud-first, mobile-first world. It is trusted by hundreds of millions of individual users, enterprises and government agencies, and partners such as Verizon, Microsoft and Apple. Powered by the largest dataset of mobile code in existence, the Lookout Security Cloud provides visibility into the entire spectrum of mobile risk. The installed base of Lookout's personal and enterprise mobile endpoint products is over 170 million mobile devices worldwide. This acts as a global sensor network that provides visibility into the threat landscape, including over 70 million apps—and that’s growing by up to 90,000 apps a day.
Lookout leveraged its mobile data set to provide data used in this report. It also helped analyze the results and provided insight on the current threat landscape.
IBM Security MaaS360 is a UEM solution that uses AI and analytics to transform the way organizations support users, apps, content and data across every type of device. Its open, cloud-based platform integrates with preferred security and productivity tools, allowing modern businesses to derive value quickly.
The MaaS360 Mobile Metrics feature offers cloud- sourced benchmarking data and best practices to enhance productivity and improve security. Benchmarking data is generated by leveraging multiple data values from MaaS360 client implementations to build aggregated metrics.
MobileIron’s mobile-centric, zero-trust approach is built on a UEM foundation to secure access across the perimeter-less enterprise. Its approach to security helps to reduce risk by giving organizations complete control over their business data as it flows across devices, apps, networks and cloud services. MobileIron UEM puts enterprise mobile security at the center of your enterprise and allows you to build upon it with enabling technologies such as zero sign-on user and device authentication, multifactor authentication and mobile threat detection.
Unless otherwise specified, MobileIron data points given in this report are based on aggregated usage data from devices with threat detection activated across the installed base of MobileIron Threat Defense and Zimperium, gathered over the course of 2019.
NetMotion offers an intelligent software solution for today’s modern, mobile organizations. This enhances connectivity and security for users while providing complete visibility and control for IT teams with real-time data and analytics. It has received numerous awards for its technology and customer support, including consistently high Net Promoter Scores. Worldwide, nearly 4,000 enterprise organizations and 1 million users depend on it.
The NetMotion data used in this report is from consenting third parties and customers running its software or from its Employee Frustration Index, a survey of 285 individuals across a wide range of age groups and device types. All users and respondents were from within North America.
The Netskope Security Cloud, used by millions of users in thousands of accounts globally, provides visibility and near real-time data and threat protection when accessing cloud services, websites and private apps from anywhere, on any device. Netskope understands the cloud and delivers data-centric security from one of the world’s largest and fastest security networks, empowering some of the largest organizations in the world with the right balance of protection and speed they need to enable business velocity and secure their digital transformation journey.
Netskope provided aggregated, anonymized data from the Netskope Security Cloud platform for this report.
Symantec, a Division of Broadcom
Mobile threat intelligence provided by Symantec Endpoint Protection Mobile (SEPM) is used to predict, detect and protect against a broad range of existing and unknown threats. SEPM’s predictive technology uses a layered approach that leverages massive crowdsourced threat intelligence, in addition to both device-based and server-based analysis, to proactively protect mobile devices from malware, network threats, and app and OS vulnerability exploits.
VMware software powers complex digital infrastructure around the world. Its cloud, networking and security, and digital workspace offerings provide a dynamic and efficient digital foundation to customers globally, aided by an extensive ecosystem of partners. Headquartered in Palo Alto, California, VMware is committed to being a force for good, from its breakthrough innovations to its global impact.
VMware routinely carries out Customer Advocacy studies, data from which was used in this paper.
Wandera is a cloud security company that protects modern enterprises beyond the traditional perimeter. When remote users access applications from their smartphones or laptops, anywhere in the world, its unified security cloud provides real-time threat protection, content filtering and zero-trust network access. Wandera regularly shares the latest findings from its threat intelligence, which applies machine learning across 425 M worldwide sensors. Founded in 2012 by a team of cloud security veterans, it is headquartered in San Francisco and London, and is recognized as a leader by leading analyst firms.
Wandera researchers teamed with Verizon to investigate mobile security trends that covered one full year of realworld usage in customer environments. The devices included both bring-your-own (BYO) and corporate-liable platforms that were protected by a Wandera mobile security solution.
Federal Bureau of Investigation (FBI)
The mission of the FBI’s Internet Crime Complaint Center (IC3) is to provide the public with a reliable and convenient reporting mechanism to submit information concerning suspected internet-facilitated criminal activity, and to develop effective alliances with industry partners. Over the last five years, the IC3 has received an average of almost 300,000 complaints per year. These address a wide array of internet scams and cybercrime affecting victims across the globe.
United States Secret Service
The U.S. Secret Service has two core responsibilities: ensuring the safety of the U.S. President and Vice President, their families, and other designated individuals, events and locations; and safeguarding the nation’s financial and payment systems. While the Secret Service is undeniably today better known for the first of these two responsibilities–physical protection–its history, traditions and expertise are all firmly rooted in its more than 150 years of conducting financial crime investigations.
As the global financial system has become increasingly integrated and digitized, the Secret Service has steadily turned its investigative focus to cyberspace, where the most significant financial crimes threatening the integrity of the U.S. economy are now committed. Consequently, over the course of the past 30+ years, the Secret Service has built a reputation for countering the most sophisticated and profitable cybercrimes, and for apprehending some of the world’s most notorious transnational cybercriminals.
Services and/or features are not available in all countries/locations, and may be procured from in-country providers in select countries. We continue to expand our service availability around the world. Please consult your Verizon representative for service availability. Contact us.