/vnd/media/agency_attachments/bGjnvN2ncYDdhj74yP9p.png)
/vnd/media/media_files/2025/09/26/vnd-banner-2025-09-26-11-20-57.jpg)
/vnd/media/media_files/2025/10/21/zero-trust-for-the-5g-era-2025-10-21-08-34-40.jpg)
The greatest security threat facing organisations today may be the device most people carry in their hands. According to the Verizon 2025 Mobile Security Index (MSI), mobile devices are under greater threat than ever before, with 85% of organisations reporting an increase in mobile attacks. In response, 75% of companies have increased spending on mobile security over the past year.
However, the rapid rise of employees using generative AI (GenAI) tools for work is expanding the attack surface even further. Over one-third of organisations (34%) fear that more advanced and large-scale AI-powered attacks will heighten their risk, while 38% believe ransomware will become even more dangerous when enhanced by AI technologies.
The two-fold risk of generative AI
The risks posed by GenAI are emerging on two fronts. Only 17% of organisations have implemented specific security controls to defend against AI-assisted attacks, leaving them vulnerable as cybercriminals use AI to increase both the frequency and sophistication of their operations. At the same time, 93% of organisations report that employees are using GenAI tools on their mobile devices as part of their daily work, and 64% identify data compromise through GenAI as their most serious mobile security concern.
The “perfect storm” of human and AI-driven threats
This year’s MSI highlights what it calls a “perfect storm” in mobile security: a world where AI-powered threats are becoming smarter, while human error remains the weakest link. Of the 80% of organisations that conducted employee smishing (SMS phishing) tests, 39% found that up to half of their staff clicked on a malicious link. The intersection of human behaviour, mobile device usage, and AI-driven threats has now become the central point of risk for organisations.
Chris Novak, Vice President of Global Cybersecurity Solutions at Verizon Business, described the findings as a wake-up call. “Mobile security is no longer about defending the perimeter, it’s a battle fought in the palm of every employee’s hand,” he said. “With the rise of AI, we’re seeing a Category 5 hurricane in mobile security, where AI is the wind and human error is the open window. Businesses of all sizes must rethink their defences against AI-assisted attacks and ensure employees can use technology safely.”
Small businesses under greater pressure
Small and medium-sized businesses (SMBs) are feeling particularly exposed. More than half (57%) believe they are at a disadvantage compared with larger enterprises due to limited resources, which makes it harder to respond effectively to cyber incidents. Additionally, 54% of SMBs say they have more to lose from a security breach, a view that larger enterprises tend to share.
Larger organisations are generally more proactive in strengthening their defences. They train more employees in mobile security, provide more comprehensive AI risk education, and are more likely to implement advanced multifactor authentication systems. However, all organisations remain vulnerable: 63% reported significant operational issues due to downtime, and half experienced data loss, which continues to be their greatest concern.
Adapting to an AI-driven security landscape
Building resilience against evolving cyber threats requires an integrated approach to network and mobile security. As the impact of security breaches grows, organisations are not only investing more in defence but also adopting a broader strategy for identifying and mitigating risk.
“While threats evolve, so do defences,” Novak added. “A proactive, multi-layered approach to mobile security is no longer optional, it is a business imperative. This includes thorough employee training, clear policies governing AI use, and intelligent, adaptive security measures.”
By aligning network and mobile security, organisations can continue to innovate, collaborate, and operate securely from any location. Such integration enables them to identify, assess, and manage the complex risks that shape modern business operations, helping to ensure continuity even in the face of advancing cyber threats.