As security and risk professionals take steps to improve their organization’s cybersecurity posture, email, network, and web security often take center stage. This makes perfect sense, as these have been preferred attack vectors for decades. However, as internet use continues to move toward a mobile-centric experience, it has become critical to consider mobile applications when crafting your organization’s security strategy.

BitSight Performance Analysis Identifies Significant Gaps in Mobile Application Security Initiatives Across Sectors

In this report, you’ll find eye-opening statistics on the state of mobile application security today, examples of how and why mobile breaches occur, and actionable advice for mitigating risks associated with your own mobile applications, as well as apps from third-party partners and suppliers.
You’ll also get BitSight’s latest research on mobile application security—including performance stats by application genre, sector, and popularity. Finally, you’ll learn how to reduce risk and demonstrate security performance to customers, prospects, and other critical stakeholders.
The Increasing Risk to Mobile Applications
Since mobile applications store massive amounts of users’ personal information, breaches and data leakage can expose organizations to significant risk, as evidenced by news coverage throughout 2021. In March, a Formula 1 racing team was forced to call off an augmented reality campaign after its mobile app was hacked. In June, a healthcare provider was breached via unauthorized access to a third-party mobile app called Smart Clinic.
In August, British Airways disclosed that approximately 380,000 card payments were compromised after a security breach occurred on the company’s website and mobile app. The breach compromised the personal and financial details of customers, including name, address, and bank card details such as the CVC code.
In September, security researchers found that 14 top Android apps, downloaded by more than 140 million people in total, were leaking user data due to Firebase misconfigurations. Exposed data potentially includes users’ names, emails, usernames, and other PII. Firebase is a mobile application development platform with an active monthly base of more than 2.5 million apps.
“Mobile applications already drive much of today’s digital activity and that will only increase in the future. 5G, increased work-from-home, and the ever-increasing availability of mobile devices have all but assured that cyber criminals will look for avenues into mobile applications to conduct attacks,” said Stephen Boyer, Founder and CTO of BitSight. “For these reasons, it is critical for organizations to understand risks associated with mobile applications created in-house and those published by third parties.”
Key Research Findings
Report: 3 out of 4 mobile applications evaluated contained at least one Moderate vulnerability

Get BitSight’s latest research on mobile application security where you’ll find eye-opening statistics on the state of mobile application security today, examples of how and why mobile breaches occur, and actionable advice for mitigating risks associated with your own mobile applications, as well as apps from third-party partners and suppliers.