Conflated Issues
You're mixing up your stories in an attempt to make this sound more relevant than it is...
For example, you quote the 2014 JPMorgan breach, which was the result of a hack of servers and nothing whatsoever to do with phones or laptops.
The same will likely be true of most, if not all, US companies. This is due to a Californian "Data Breach Reporting Law" that requires any institution that experiences the loss of non-encrypted data relating to clients to notify those clients - a requirement that now applies across the US. As a result of that one piece of legislation, most US banks [i.e., read : "ALL"] instigated processes to ensure that EVERY company-owned mobile asset [laptop, Blackberry, etc, etc] met the minimum encryption requirements, so that the loss of an item explicitly *didn't* trigger data breach reporting requirements.
That being the case, how could your article be based on any solid facts - given that the law explicitly excuses organisations from the need to go public with that data?
Biting the hand that feeds IT
