The most obvious concern is the physical environment. These devices by nature promote mobility and are almost always taken offsite from controlled buildings. Their small form factor makes them not only easy to lose, but more prone to theft.
Threat actors such as cyber criminals are aware of the growing mobile device market segment and have invested considerable effort into developing more sophisticated malware specifically targeted at mobile device manufacturers such as Android and Apple. The risk from malware includes data destructions and the unauthorized disclosure of sensitive information.
Finally, the threat from insiders who act out of ignorance or through malicious intent can leverage mobile devices in a more effective manner to exfiltration information or insert harmful software. BYOD increases the risk through the use of personal software, which may be used in an unauthorized manner. These risks, while not entirely preventable, can be mitigated through security controls. Mobile device management (MDM) systems, training and security policies can offset the risks inherent to mobile device programs.