Mobile devices have become a part of everyday life. We use them to access public transportation, make purchases, share with friends and understand the things that are happening in the world around us.
To accomplish these tasks, we trust these devices and the apps to be safe and secure, operating on our behalf. And for years, that has been increasingly true: our 2021 report on mobile security noted that the security and privacy protection for mobile devices is working well, and that building privacy and security in has succeeded where expecting users to protect themselves has failed.
In our new, follow-up paper, we discuss the potential impact of the European Union’s mobile app store provisions of the Digital Markets Act (DMA). The DMA will go into effect in March and requires that mobile operating systems open up more options for users to install apps, and that operating systems allow the same system access and tooling to first- and third-party apps. The intention of the DMA is to make it easier for smaller European companies to compete with companies that may have a more “entrenched” position in the market, but that access may make devices less secure.
Installation of apps from unknown app stores creates complexity for the mobile app ecosystem, and complexity is[WHE1] the enemy of security. A proliferation of ways to install apps may be overwhelming to consumers and open avenues for exploitation by bad actors. There are ways to protect people, but action is necessary from companies and consumers to make sure that they are protected in ways they have not been necessary in the past.
This report from the Center for Cybersecurity Policy & Law outlines potential risks to EU citizens, their devices and data, as well as approaches to mitigating those risks. We conclude with policymaker and regulator recommendations for ensuring that apps in the mobile ecosystem can continue to be trusted, and how to mitigate potential security implications. We hope this paper will also provide insights for other countries as they look to address competition issues while protecting the security and privacy of their citizens.
Read Next
Securing the Future of AI: What’s Next?
The intersection of AI and security is a hot topic but we find that people haven’t spent time to understand what is truly new about cybersecurity, and where organizations need to bolster defenses as AI use cases promulgate.
ZScaler, Wiz, and Infoblox Join As New Members of the Cybersecurity Coalition
The Cybersecurity Coalition announced three new members - ZScaler, Wiz, and Infoblox. This collaboration aims to enhance the Coalition’s efforts in advancing robust cybersecurity policies and practices across various sectors.
Research Needed for the Good and Bad AI Cybersecurity Use Cases
When implemented properly, artificial intelligence is a vital tool for cybersecurity but more public research is essential to understand and monitor a diverse array of AI systems and their potential – for good and bad.