Despite screaming headlines about the growing vulnerabilities of mobile devices and promises to take the matter seriously, both individuals and corporations alike are still essentially walking around with their pants around their ankles.

Over the past two years, the use of mobile devices, particularly in the workplace, has exploded. And after years of apocalyptic predictions about the security risks surrounding mobile computing, hackers have at last brought their full arsenal of tricks to bear on exploiting these weaknesses.

This assault has inspired a growing wave of startups that target mobile security while rushing to develop a host of innovative solutions and strategies. Venture capitalists have taken note, and have been pouring money into the sector.

But all these breakthroughs are not having sufficient impact because users continue to fail when it comes to backing up their talk about security with action. Indeed, in many cases, people and companies are not taking the most basic, simple precautions to protect themselves, ones that security experts have been advising for years.

“It’s shocking how little is being done,” said Matt Montgomery, director of the Wireless Business Group at Verizon Wireless. “Even things that aren’t revolutionary, like changing your passwords. Companies are not even implementing policies that are well established.”

Montgomery was particularly discouraged following the release earlier this year of Verizon Wireless’ annual Mobile Security Index. In a survey of 600 mobility professionals, the report found that “approximately one-third of organizations…