CIS 502 Theories of Security Management
WEE 7 CASE STUDY 3 : Mobile Devices Security
CIS 502 Theories of Security Management
February 22, 2013
Mobile Devices Security By the end of 2013, there will be more mobile devices on Earth than people, a new report suggests. According to Cisco 's Visual Networking Index Global Mobile Data Traffic Forecast Update, consumers ' mobile appetite has grown a lot in the past year, and it shows no signs of slowing. In fact, Cisco predicts global mobile data traffic will increase 13-fold by 2017, with more than 10 billion mobile-connected devices by then (Murphy, 2013). Users of mobile devices have become dependent upon this technology not only for personal communications, but to conduct business transactions. This increase in commerce activity has had a corresponding increase in illegal activities geared toward taking advantages of mobile insecurities to steal consumer’s money and credentials. Mobile devices are convenient and are quickly catching up with personal computers as the choice to access the Internet. Unfortunately this convenience comes with a cost. Security for mobile devices has not kept up with the market growth and consumer use. In this paper I will discuss; 1) emerging cyber security issues and vulnerabilities presented in the “Emerging Cyber Threats 2012” report, 2) vulnerabilities of mobile devices in regard to usability and scale, and methods to mitigate the vulnerabilities of mobile devices, 3) the value of cryptography and encryption in regard to Equifax’s approach to implementing stronger security policies around mobile devices, 4) discuss Gunter Ollmann’s comments about Zeus-in-the-Mobile (ZitMo) and describe the implications of advanced security breaches, 5) the greatest challenge in regard to controlling information online, and 6) Justify Dan Kuykendall’s statement about the biggest issue with mobile browsers and give two (2) examples illustrating his point.
Emerging Cyber Security Issues and Vulnerabilities
CIS 502 Theories of Security Management
February 22, 2013
Mobile Devices Security By the end of 2013, there will be more mobile devices on Earth than people, a new report suggests. According to Cisco 's Visual Networking Index Global Mobile Data Traffic Forecast Update, consumers ' mobile appetite has grown a lot in the past year, and it shows no signs of slowing. In fact, Cisco predicts global mobile data traffic will increase 13-fold by 2017, with more than 10 billion mobile-connected devices by then (Murphy, 2013). Users of mobile devices have become dependent upon this technology not only for personal communications, but to conduct business transactions. This increase in commerce activity has had a corresponding increase in illegal activities geared toward taking advantages of mobile insecurities to steal consumer’s money and credentials. Mobile devices are convenient and are quickly catching up with personal computers as the choice to access the Internet. Unfortunately this convenience comes with a cost. Security for mobile devices has not kept up with the market growth and consumer use. In this paper I will discuss; 1) emerging cyber security issues and vulnerabilities presented in the “Emerging Cyber Threats 2012” report, 2) vulnerabilities of mobile devices in regard to usability and scale, and methods to mitigate the vulnerabilities of mobile devices, 3) the value of cryptography and encryption in regard to Equifax’s approach to implementing stronger security policies around mobile devices, 4) discuss Gunter Ollmann’s comments about Zeus-in-the-Mobile (ZitMo) and describe the implications of advanced security breaches, 5) the greatest challenge in regard to controlling information online, and 6) Justify Dan Kuykendall’s statement about the biggest issue with mobile browsers and give two (2) examples illustrating his point.
Emerging Cyber Security Issues and Vulnerabilities
References: Gahran, A. (2011). Mobile phone security: What are the risks?. CNNTech. Retrieved from http://articles.cnn.com/2011-06-17/tech/mobile.security.gahran_1_android-app-android-phone-apple-s-app-store?_s=PM:TECH Kahn, M. (2011). Equifax recognizes changing customer behavior with four-pronged mobile strategy. Mobile Marketer. Retrieved from http://www.mobilemarketer.com/cms/news/strategy/9733.html Murphy, S. (2013). Mobile Devices Will Outnumber People by the End of the Year. Marshable. Retrieved from http://mashable.com/2013/02/06/mobile-growth/ Myserson, J. (2012). 5 Steps to Mitigate Device Vulnerabilities. The Mobility Hub. Retrieved from http://www.themobilityhub.com/author.asp?section_id=2303&doc_id=253570 Wolfe, H. (2010). Mobile Phone Security. The TSCM Journal. Retrieved from http://www.isaca-wellington.org/files/TSCM_Journal_1_2_Small.pdf Sites, D & Tadimalla, A. (2011). A Survey of Mobile Device Security: Threats, Vulnerabilities, and Defenses. A Few Guys Coding Blogs. Retrieved from http://afewguyscoding.com/2011/12/survey-mobile-device-security-threats-vulnerabilities-defenses/ Zeus malware throws €36+ million lightning bolt across Europe. Infosecurity. Retrieved from http://www.infosecurity-magazine.com/view/29705/-zeus-malware-throws-36-million-lightning-bolt-across-europe/ Emerging Cyber Threats Report 2012. Georgia Tech Cyber Security Summit. Retrieved from http://www.gtisc.gatech.edu/doc/emerging_cyber_threats_report2012.pdf PR: Mobile device attacks surge. Treasury & Risk. Retrieved from http://www.treasuryandrisk.com/2011/02/08/pr-mobile-device-attacks-surge Samsung Kernel Crypto API Cryptographic Module v1.2. CSRC. Retrieved from http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1648.pdf