Apple isn't foolproof, as some malware has gotten through the company's scrutiny, such as the spam-producing "Find and Call" app discovered last year, he said. But because the bar is higher with iOS, most attackers look elsewhere, he said.
Mobile is one target of a U.S. government effort to close cybersecurity holes in the nation's critical infrastructure, according to Ari Schwartz, a senior policy advisor in the Commerce Department's Office of Policy and Strategic Planning. Following an executive order by President Barack Obama earlier this year, the Department of Homeland Security and other agencies are working toward creating a program for companies to take a set of voluntary steps to protect their infrastructure from attacks, Schwartz said.
Meanwhile, the National Cyber Security Alliance is aiming at ordinary users with an education campaign using the slogan, "Stop. Think. Connect." The campaign aims to teach consumers about online safety in the same way children are taught to look both ways before crossing the street, said Michael Kaiser, executive director of NCSA.
Any individual user who falls prey to malware can pose a threat to everyone's phones, Kaiser said. But just raising alarms about the dangers of cyberthreats can make people feel too helpless to even take action, he said.
"What I think comes across often to the consumers is just this haze of threat. ... And that makes it difficult," Kaiser said.
Education is important, but service providers and others also have to keep developing new tools to fight cyberthreats, said Chris Boyer, AT&T's executive vice president for public policy. AT&T monitors its traffic flows around the clock and has a team in its lab dedicated to wireless security. It also regularly shares threat information with other carriers and the government. Malware is a moving target, Boyer said.
"At the end of the day, it's going to require long-term innovation around this problem. The threat's not going to go away. There is no magic bullet."
Sign up for CIO Asia eNewsletters.