• Industry: Communications & Media
  • Type: Press release
  • Date: 11/7/2013

KPMG presents a report on "Mobile security: from risk to revenue" 

The new survey looks at the threats to business from the ubiquitous increase in the use of mobile devices, and the opportunities emerging as a result.

The widespread adoption of mobile services, coupled with the frequent nature of information security incidents, have focused attention of both consumers and corporate users on the potential risk that mobile poses to their privacy and security. Mobile users want to ensure that their privacy is maintained. 62 percent of consumers are concerned about identity theft.

The total annual cost to the global economy from consumer cybercrime is estimated at more than $110 billion; in Russia, the cost is put at $1 billion (the same as in Russia and Australia; in Europe it is $13 billion, and in the USA $38 billion). However, it is Russia that, proportionately, has the most cybercrime victims (85 percent), followed by China (77 percent) and South Africa (73 percent).

As well as personal data, such as contacts, bank card numbers, email addresses, photographs, and so on, the mobile devices that  have become part of the IT infrastructure at companies also contain important corporate information giving access to data on the company's networks. More and more organisations are allowing their employees to use their own device to work with company data and programs (BYOD – Bring your own device). AT&T, for example, has already seen its wireless data traffic grow an astounding 20,000 percent between 2007 and 2012, driven primarily by the use of smartphones.

In the 12 months prior to a recent survey by Kaspersky Lab (2,895 interviews, including 356 with IT professionals in Russia), more than 90 percent of the companies covered had had at least one external IT security incident. 65 percent of those surveyed saw a threat in the Bring Your Own Device policy. Russian companies (57 percent) are the least concerned by this issue (compared to 93 percent in Japan).

By installing mobile apps without security measures being taken, accepting licence agreement terms without reading them, clicking links from people they don't know or on social networks and scanning QR codes in lifts, magazines, from websites and from other sources, people create a threat to the data to which they have remote access through the device. Clearly, businesses need to tackle the problems that are emerging with the ubiquitous increase in the use of mobile devices. Organisations need to develop and implement policies strict enough to reduce the likelihood of risks of data leakage. They need to introduce security functions for mobile devices, including mandatory protection using passwords and remote wipe, enabling confidential information to be deleted in case the device is lost or stolen. In 2012, just 14 percent of the companies surveyed had such a detailed security policy for the use of mobile devices within the corporate network.  20 percent of the Russian respondents said that their company had no IT security policy at all, 46 percent said that their company, but the time and budget available was insufficient, and 34 percent said that their company had a detailed policy. 

"It must be said that IT security in Russia leaves much to be desired. There are, at minimum, two reasons for this: the lack of decent training for the lack of decent training for information security professionals, and the low level of information security culture and awareness among users and business as a whole. In a number of cases, the attitude to information security has more to do with box-ticking than a deep understanding of the matter," said Yerkozha Akylbek, Head of Communications & Media at KPMG in Russia and the CIS.

Many users do not even think that their company has rules on mobile device use: 36 percent say their company has no policy on use of mobile devices for work. 49 percent of respondents access or send personal emails through their work device, and 24 percent save both work and personal documents to the same online file storage account.

Demand for IT security services may create a "hothouse" for technology innovation. To survive in the longer term, operators will need to offer smart services built on top of their data traffic. These might include personal fraud watch and management, and consumer app risk management (such as telling consumers whether an app would leak their personal data to third parties). Other services could include personal identity, profile and password management. Operators might offer their corporate clients services including traffic analysis and detection of data leakage, harmful software, hacking and inherent  security threats. In addition, telecoms operators can work with IT companies to offer clients secure IT infrastructure development services, allowing them to perform network-based work and transfer corporate data without worrying about its security.

According to the KPMG survey, IT decision makers in North America and Europe identified the following specific measures that might reduce the risks of mobile device use for work: remote lock and remote wipe in case the device is lost or stolen (83  percent); encryption capabilities for data on the device (76 percent); and encrypted email sessions, encrypted traffic for specific apps, or mobile VPN (71 percent).

KPMG presents a report on "Mobile security: from risk to revenue"

Mobile security: from risk to revenue
The new survey looks at the threats to business from the ubiquitous increase in the use of mobile devices, and the opportunities emerging as a result.

About KPMG in Russia and CIS

KPMG is a global network of professional firms providing Audit, Tax and Advisory services. We operate in 155 countries with more than 162,000 people working in member firms around the world. The independent member firms of the KPMG network are affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. Each KPMG firm is a legally distinct and separate entity and describes itself as such.


KPMG has been operating in Russia more than twenty years. For the last years KPMG in Russia and the CIS has been one of the fastest growing practices in KPMG worldwide.


In the CIS, KPMG now has offices in Moscow, St. Petersburg, Yekaterinburg, Kazan, Nizhny Novgorod, Novosibirsk, Rostov-on-Don, Krasnoyarsk, Perm, Almaty, Astana, Atyrau, Bishkek, Kiev, Lviv, Yerevan, Tbilisi and Baku, employing together over 4,000 people.

Media contacts

For any media enquiries or interview requests contact our media team at or Sabina Kasparova, Manager, PR & Communications, KPMG in Russia and the CIS, at +7 (495) 937 4477 (ext 14264), +7 (968) 6911037 or