A staggering 62% of organizations have weathered mobile app security incidents, even as a remarkable 93% hold firm in their belief that their defenses are up to par
Guardsquare, the leading provider of mobile application security products, today unveiled the compelling results of an Enterprise Strategy Group study, "Mobile Application Security Cannot Be an Afterthought," highlighting a critical misalignment between the perception and reality of mobile apps. While 93% of organizations believe their mobile app protections are sufficient to prevent attacks, the survey revealed that a substantial 62% of organizations faced at least one mobile app security incident in the past year. On average, organizations are reporting nine incidents per year.
The independent study, conducted by the Enterprise Strategy Group, surveyed more than 300 decision-makers from the application development, cybersecurity, and IT sectors worldwide. The research highlights the urgency of addressing the mobile app security perception gap, as the financial toll from these incidents continues to escalate. Survey results found the average cost of mobile app security breaches has reached $6.99 million in 2025.
"The convenience of using applications on mobile devices for everything from shopping, to paying bills, to checking personal records puts pressure on companies across industries to ensure the security of their mobile applications," said Melinda Marks, Practice Director, Cybersecurity, for Enterprise Strategy Group. "However, as they work to rapidly deliver innovative, feature-rich applications for their customers, they need an effective approach to incorporate security into development processes without compromising speed so they can deliver secure applications. They also need to ensure protection of their running mobile applications, which can be attractive targets for hackers looking for vulnerabilities to exploit to gain access to valuable company or customer data."
Other Key Insights:
- The impact goes beyond the balance sheet: The repercussions of mobile security lapses extend far beyond financial losses. Organizations reported application downtime (in more than 50% of cases), sensitive data leaks (48%), erosion of consumer trust (41%), and a diminished user experience (38%).
- With the right mobile app protection in place, faster release cycles become a strength, not a risk: The average number of unique mobile applications released annually has jumped from 10 in 2023 to 13 in 2025. Yeta noteworthy 74% of organizations noted feeling increased pressure to accelerate their development cycles, with 71% conceding that this push for speed has come at the expense of robust mobile app security measures.
- Significant gaps in security strategies: Nearly 40% of organizations rely solely on security measures built in-house or those included in operating systems. Only 31% employ code obfuscation techniques, leaving many mobile apps open to static analysis. Besides, 60% of organizations have not implemented Runtime Application Self-Protection (RASP).
The Multi-layered Security Imperative
The study highlights the need for a comprehensive security strategy. Such a strategy should encompass robust code hardening and obfuscation, proactive runtime application self-protection, rigorous mobile application security testing, and continuous threat monitoring. While a reasonable 63% of organizations are engaged in mobile application security testing and nearly 60% are utilizing threat monitoring, the study revealed that substantial weaknesses persist in other vital areas of defense.
"Organizations are increasingly recognizing the necessity of a holistic, multi-layered approach to mobile app security," said Roel Caers, CEO of Guardsquare. "The fact that 46% of organizations prioritize security technologies that seamlessly integrate into developers' existing workflows signals a positive shift towards solutions that can provide robust security with efficient development practices without compromising on security or app performance."
New Priorities in Mobile App Security
The study also identified evolving priorities for organizations. Notable ones include:
- Rising legal repercussions from mobile app breaches: 31% of organizations are already facing legal consequences stemming from a mobile app security breach.
- Increased budget allocations: 84% of organizations plan to increase their financial commitment to mobile app security.
- Tighter integration of security into development: 46% are prioritizing the integration of security measures directly into the tools, processes, and workflows used by their development teams.
To read or download the report, please click this Link.
Methodology
The research was conducted by Enterprise Strategy Group (ESG) between January 8 and January 30, 2025. The survey included 315 qualified respondents from the United States (37%), the United Kingdom (32%), Brazil (16%), and Singapore (16%). Respondents were application development/software engineering (51%), cybersecurity (39%), and IT (9%) decision-makers influential in the purchase process for mobile application security technologies. Organizations represented both midmarket (250 to 999 employees, 31%) and enterprise (1,000+ employees, 69%) segments across multiple industries.
About Enterprise Strategy Group
Enterprise Strategy Group, part of Omdia, provides focused and actionable market intelligence, demand-side research, analyst advisory services, GTM strategy guidance, solution validations, and custom content supporting enterprise technology buying and selling.
About Guardsquare
Guardsquare offers the most complete approach to mobile application security on the market, delivering the highest level of protection in the easiest possible way. Guardsquare's software integrates seamlessly across the development cycle, from app security testing to code hardening to real-time visibility into the threat landscape. Guardsquare products provide enhanced mobile application security from early in the development process through publication. More than 900 organizations worldwide across all major industries rely on Guardsquare to help them identify security risks and protect their mobile applications and SDKs against reverse engineering and tampering in the ever-evolving threat landscape. Learn more at Guardsquare.com and on LinkedIn.
All trademarks recognized.
View source version on businesswire.com: https://www.businesswire.com/news/home/20250715238894/en/
Contacts:
Tracy Wemett
BroadPR
+1-617-868-5031
tracy@broadpr.com
