1) The high value targets in most organizations have multiple mobile devices – and this makes the number of mobile devices that can be targeted larger than the number of PCs.
2) If you can compromise and “own” a mobile device, you have access to just about every minute of that person’s day.
3) These individuals are doing corporate e-mail, texting, making phone calls, and reviewing files on these mobile devices – and by owning that device you have all of it.Bottom line: Mobile devices are now every bit (if not much more) of a juicy target. It’s impossible to know where the bad actors are making the bulk of their forward looking investments, but I’m willing to bet that mobile has been their major area of focus in the past and for the foreseeable future. This is a topic I covered in depth in my recent keynote at Ignite. The video below outlines the work we’ve done to natively engineer attack response features into Windows 10, Office 365, and EMS: One more really interesting note about the Trident/Pegasus combo: This product is typically sold to smaller governments because top-tier governments ( the G20 , for example) all have their own cyber operations divisions and don’t need this type of 3rd party support. This fact leads you to consider what kind of capabilities those G20 countries may already have, as well as what those other governments have underway.
* * *As with any defense, you shouldn’t put all your eggs in one basket, but you do need to have a broad and substantive foundation on which you can build everything else. I think Microsoft has made the most compelling case for providing the single best foundation for your organization.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.