In separate announcements on Monday, both AT&T and Samsung drew attention to the dilemma. They recommended new enterprise security assessments that build on the services already offered by both companies.
Samsung announced a new partnership with Booz Allen Hamilton to help enterprises find and address gaps in their mobile security. This approach includes a two-day, on-site mobile security assessment for each client, using a model based on security standards from the bodies like the National Institutes of Standards and Technology, among others.
Samsung and Booz Allen Hamilton will then deliver an action plan tailored to a company's unique needs. No pricing was announced, however.
Meanwhile, AT&T released a blog and a report noting an increase in cyberattacks across its global data network. In 2015, AT&T said, it logged 245,000 Distributed Denial of Service alerts on that network and as many as 30 billion malicious scans per day.
In a global online survey of 800 enterprises conducted by IDC for AT&T, 60% said they had a security breach in 2015. Of that group, 42% said the breach had a significant negative impact on the business. These incidents caused large enterprises an average of 23 hours of downtime and medium-sized businesses an average of 14 hours.
AT&T used the report to recommend that companies hold regular crisis management exercises to test their incident response planning.
AT&T's survey found that fewer than 10% of companies review their incident response plans two or more times a year, and one-third said they had not reviewed or updated the incident response plans since they were initially developed.
"Too many companies are prone to let incident response remain a back-burner issue," AT&T said in its report. "CEO's are playing a high-stakes game of security poker in which the odds ultimately favor the cyberattacker."