NEW YORK -- Mobile Network Security Strategies -- Although they've done a fairly good job warding off network and device infections and attacks so far, mobile operators must boost security spending to deal with the increasingly challenging environment, according to Heavy Reading's top expert on the subject.

Kicking off the third annual Mobile Network Security Strategies conference Wednesday morning, new Heavy Reading Chief Analyst Patrick Donegan warned that "all the threat and infection indicators are increasing" for the mobile industry right now, including device infection rates, DDoS attack frequency, spam volumes and the sophistication of attacks. Globally, he estimates that an average of 3% to 4% of mobile traffic is now malicious traffic, with some operators experiencing as much as 10% malicious traffic.

At the same time, Donegan said, many mobile providers still "lack full visibility of malicious traffic" on their networks. So they don't even know the scope of the growing problem they're facing.

Trotting out some fresh research for the conference, Donegan said the latest Heavy Reading surveys show that network outages are still the biggest security problem that mobile operators fear. The second biggest bad outcome they fear is the theft and misuse of private customer information.

Want to know more about mobile network security? Check out our dedicated mobile security content channel here on Light Reading.

Donegan also cited market research figures from other organizations showing that device infection rates are climbing sharply. Home PC infection rates rose to 18% in the second quarter, while mobile malware and infection rates are also on the rise.

While Donegan gave mobile operators a B+ grade for the job they've done so far in protecting their networks and warding off attacks and credited them for hiking their security spending, he warned that more must be done to safeguard the networks against future intrusions. In particular, he warned that the rapidly evolving IoT and M2M technologies will introduce a whole new level of security threats and vulnerabilities to mobile networks.

"The operator has to be far more proactive," he said. "You're talking about a fundamentally different security problem."

Donegan said mobile providers also need to invest more heavily in automation and innovation to cope with the security issues. In particular, he urged providers to focus on real-time automated mitigation, the application layer, behavioral analytics, validation of security reporting and end-point security.

In his latest Heavy Reading forecast for global security equipment capex, Donegan predicts that mobile providers will end up spending $812 million on security gear this year, up from $764 million last year. He then sees security-related spending rising at the rate of nearly 11% annually over the next four years, reaching nearly $1.33 billion by 2018. While US providers will account for the largest share of that spending, as they do today, the forecast calls for carriers in other regions of the world to start to narrow the gap as the decade draws to a close.

— Alan Breznick, Cable/Video Practice Leader, Light Reading