Mobile security threats may pose some risks, but do a risk analysis on the entire situation before diverting funds to fundamental security activities
Mobile device security threats are certainly real and the exploits demonstrated last week at Black Hat warrant some attention from CISOs as they look over the horizon. But when it comes to solid risk management, most organizations would do well to reexamine their entire IT infrastructure for solid footing in the fundamentals before they get too distracted by mobile security, some experts warn.
"I'm always excited about work done by smart, bright people in security, but it sometimes seems like the bright people in our industry tend to focus too much on the bleeding, cutting edge," says Marcus Carey, security researcher at Rapid7. "Have you ever seen a cat chase a laser pointer? That's how security researchers are. 'Oh, look! What's that over there? Oh, now, what's that over here?' That's where we're at with mobile."
More:
