A staggering 62% of organizations have weathered mobile app security incidents, even as a remarkable 93% hold firm in their belief that their defenses are up to par
BOSTON and LEUVEN, Belgium – July 16, 2025 – Guardsquare, the leading provider of mobile application security products, today unveiled the compelling results of an Enterprise Strategy Group study, “Mobile Application Security Cannot Be an Afterthought,” highlighting a critical misalignment between the perception and reality of mobile apps. While 93% of organizations believe their mobile app protections are sufficient to prevent attacks, the survey revealed that a substantial 62% of organizations faced at least one mobile app security incident in the past year. On average, organizations are reporting nine incidents per year.
The independent study, conducted by the Enterprise Strategy Group, surveyed more than 300 decision-makers from the application development, cybersecurity, and IT sectors worldwide. The research highlights the urgency of addressing the mobile app security perception gap, as the financial toll from these incidents continues to escalate. Survey results found the average cost of mobile app security breaches has reached $6.99 million in 2025.
“The convenience of using applications on mobile devices for everything from shopping, to paying bills, to checking personal records puts pressure on companies across industries to ensure the security of their mobile applications,” said Melinda Marks, Practice Director, Cybersecurity, for Enterprise Strategy Group. “However, as they work to rapidly deliver innovative, feature-rich applications for their customers, they need an effective approach to incorporate security into development processes without compromising speed so they can deliver secure applications. They also need to ensure protection of their running mobile applications, which can be attractive targets for hackers looking for vulnerabilities to exploit to gain access to valuable company or customer data.”
Other Key Insights:
- The impact goes beyond the balance sheet: The repercussions of mobile security lapses extend far beyond financial losses. Organizations reported application downtime (in more than 50% of cases), sensitive data leaks (48%), erosion of consumer trust (41%), and a diminished user experience (38%).
- With the right mobile app protection in place, faster release cycles become a strength, not a risk: The average number of unique mobile applications released annually has jumped from 10 in 2023 to 13 in 2025. Yet a noteworthy 74% of organizations noted feeling increased pressure to accelerate their development cycles, with 71% conceding that this push for speed has come at the expense of robust mobile app security measures.
- Significant gaps in security strategies: Nearly 40% of organizations rely solely on security measures built in-house or those included in operating systems. Only 31% employ code obfuscation techniques, leaving many mobile apps open to static analysis. Besides, 60% of organizations have not implemented Runtime Application Self-Protection (RASP).
The Multi-layered Security Imperative
The study highlights the need for a comprehensive security strategy. Such a strategy should encompass robust code hardening and obfuscation, proactive runtime application self-protection, rigorous mobile application security testing, and continuous threat monitoring. While a reasonable 63% of organizations are engaged in mobile application security testing and nearly 60% are utilizing threat monitoring, the study revealed that substantial weaknesses persist in other vital areas of defense.
“Organizations are increasingly recognizing the necessity of a holistic, multi-layered approach to mobile app security,” said Roel Caers, CEO of Guardsquare. “The fact that 46% of organizations prioritize security technologies that seamlessly integrate into developers’ existing workflows signals a positive shift towards solutions that can provide robust security with efficient development practices without compromising on security or app performance.”
New Priorities in Mobile App Security
The study also identified evolving priorities for organizations. Notable ones include:
- Rising legal repercussions from mobile app breaches: 31% of organizations are already facing legal consequences stemming from a mobile app security breach.
- Increased budget allocations: 84% of organizations plan to increase their financial commitment to mobile app security.
- Tighter integration of security into development: 46% are prioritizing the integration of security measures directly into the tools, processes, and workflows used by their development teams.