A new publication, MOBILE PHONES THREAT LANDSCAPE SINCE 2015, was published on November 25, 2025 by the Government of France. This publication follows closely on the heels of last fall’s publication of new requirements by the U.S. Federal Government requiring use of mobile threat defense (MTD) and App Vetting on mobile devices.
The French landscape report provides a thorough overview of the four attack surfaces and attacker tactics for each surface unique to mobile devices: network connections (Wi-Fi,etc.), device OS vulnerabilities, mobile phishing (mishing) leveraging social engineering, and application threats (including vulnerabilities introduced to the apps from use of third party libraries/SDKs).
The publication provides further evidence from yet another respected global cybersecurity agency that attackers are employing a mobile-first attack strategy. The report goes beyond defining the threats and makes specific recommendations for organizations and users to follow to reduce risk.
This blog highlights the report’s recommendations that can be best implemented by an organization’s use of MTD and app vetting. The specific recommendations where MTD and app vetting can help are summarized in the following table:
| Recommendation | Attack Surface | Implemented By | Impact of Recommendation | Impact of Leveraging MTD |
| Reboot device regularly | Device | User | Reduces risks from malware in memory |
MTD reminds user |
| Be wary of QR codes | Phishing | User and Org | Reduce risk from QR code which links to phishing or malware | MTD will warn and block the URL and redirect if a phishing URL |
| Be vigilant on feature request by apps | App | Org | Best done with app vetting | MTD app vetting can identify and report on risky app security and privacy characteristics by policy |
| Keep OS updated | Device | User and Org | MTD can alert user to update and block user use if not | MTD will alert user of need to upgrade and notify IT in the console of those out of compliance |
| Physically protect device | Device | User | Requires strong auth. turning phone off, avoid physical connection | MTD can alert if device PIN or biometrics are not on |
| Verify app permission | App | Org | Best done with app vetting solution | MTD with app vetting policy on permissions |
| No sideloaded apps | App | Org | Reduces risk from use of apps not scanned by Apple or Android stores | MTD will report on sideloaded apps to management for them to follow up to have user removed |
| Device use in foreign country | Network | Org | Preform forensic scan immediately post trip of use separate phone | MTD deep scan forensics can be done by the user immediately post trip |
The French government’s recommendations join a growing chorus of leading international cybersecurity agencies in either making recommendations or going further and specifying requirements for securing mobile devices:
United States (DISA): U.S. Defense Information Systems Agency’s latest Security Technical Implementation Guides (STIG) mandates use of MTD with App Vetting for devices running iOS and Android.
United Kingdom (NCSC): The National Cyber Security Centre’s Device Security Guidance explicitly differentiates between "management" (MDM) and "monitoring" (MTD). Their guidance emphasizes the need for solutions that can detect device compromise and audit for malicious applications—capabilities that standard MDM checks cannot provide.
Germany (BSI): The Federal Office for Information Security’s IT-Grundschutz (IT-GS) framework requires protection measures against malware and data leakage that typically necessitates on-device threat detection beyond basic OS hardening.
Australia (ACSC): The Australian Cyber Security Centre’s Information Security Manual (ISM) includes specific controls for malicious code protection that align directly with MTD capabilities, mandating the ability to detect and prevent the execution of malicious code.
Singapore (CSA): The Cyber Security Agency’s Mobile Cyber Security Guide explicitly recommends security software that performs real-time scanning for malware and phishing—calling for active defense layers that sit on top of the device management layer.
France’s mobile phone security recommendations join and align well with the recommendations and requirements from many other international cybersecurity agencies. Mobile Threat Defense solution use enables organizations to easily implement and comply with many of the security recommendations in the threat landscape report.
Zimperium, a Forrester Wave Leader for MTD, provides active protection to secure data against sophisticated mobile threats. The mobile threat is real, it is active, and it requires active mobile threat defense. Relying on mobile device management from UEM/MDM solutions is inadequate, as they provide management and not security. Mobile security is no longer an option; it is increasingly a requirement.