New research conducted by CyberSmart, a leading provider of SME security solutions, indicates that mobile cybersecurity incidents at small businesses are widespread.
The research, conducted by OnePoll in Autumn 2024, polled 250 small-medium enterprise (SME) business owners or leaders in the UK, found that over a third (35%) of small business employees or owners report clicking on a phishing link via mobile.
Elsewhere, 30% of respondents reported losing or having stolen a mobile phone containing sensitive corporate information, leaving their business more vulnerable to potential cybercriminal activity.
While these dramatic incidents are a concern from a security perspective, the minutiae of business activity taking place on a mobile, without policies in place, also suggest a concerning lack of security awareness from SMEs. For example, a quarter of respondents admitted using a mobile device used for work to a public charging station (e.g., at an airport or café), and 36% of respondents have worked from a public WiFi network on a mobile device. A further 9% admitted to forwarding corporate data to a personal account, and 11% admitted storing corporate passwords or login credentials on a mobile device without encryption.
“These results are obviously a concern for SMEs and their employees. Large organisations are more likely to implement security awareness training for mobile devices and implement a code of conduct for corporate devices. This is not a luxury afforded to most SMEs, who do not have the resources or time to do so.” Said Jamie Akhtar, Co-Founder and CEO at CyberSmart. “It is the responsibility of the cybersecurity industry to change this, and to make security more accessible for the small businesses which make up 99% of the UK economy.”
You can find the full results of the survey here.
This follows news from CyberSmart that a worrying 60% of businesses expect their employees to carry out work tasks on their personal mobile phone.