The U.S. Government Accountability Office said the Federal Communications Commission needs to encourage the private sector to implement a broad, industry-defined baseline of mobile security safeguards as consumers have become increasingly reliant on mobile devices.
The recommendation came in a new GAO report looking at how to better implement controls for mobile devices.
In the report, GAO also recommended the Department of Homeland Security and National Institute of Standards and Technology take better steps to measure progress in raising national cybersecurity awareness.
“Given the extent of consumer reliance on mobile interactions, it is increasingly important that these devices be secured from expanding threats to the confidentiality, integrity, and availability of the information they maintain and share,” GAO said.
GAO said that although the FCC has facilitated public-private coordination to address specific challenges such as cellphone theft, it has not yet taken similar steps to encourage device manufacturers and wireless carriers to implement a more complete industry baseline of mobile security safeguards.
“In addition, many consumers still do not know how to protect themselves from mobile security vulnerabilities, raising questions about the effectiveness of public awareness efforts,” GAO said.
DHS and NIST have not yet developed performance measures or a baseline understanding of the current state of national cybersecurity awareness that would help them determine whether public awareness efforts are achieving stated goals and objectives, GAO said.