Global Study Confirms Security Technology Outdated and Inadequate to Handle Today’s Threats
Global IT Security Study from Citrix and The Ponemon Institute Shows Sixty-Eight Percent Of Business Respondents Say Their Organization’s BYO Devices Might be Allowing Criminals To Access Corporate Networks And Data
SANTA CLARA, Calif. Feb. 07, 2017 There is no one-size-fits-all security solution to address the threat landscape todays businesses face. Each organization has unique security obstacles and obligations. Billions of dollars have been invested into IT security solutions and increasing annual security budgets has been an imperative. In fact, 98% of business respondents reported they will spend over a million dollars in 2017, per a global study by Citrix and the Ponemon Institute. However, many of the systems and people in place are still not able to handle todays threats.
Security threats increase as more devices crowd networks and as people have more freedom to work from anywhere, on any device. More devices, especially bring your own (BYO) devices are the new norm, and businesses need to put information security at the top of their priority list to ensure apps and data are secure no matter where they reside or are accessed. On top of this, businesses need skilled staff to plan how they will reduce risk and improve the security of their applications and data.
The global study by Citrix and the Ponemon Institute on IT security infrastructure found that less than half (48%) of survey respondents said their organization has security policies in place to ensure employees and third parties only have the appropriate access to sensitive business information. Not helping is that nearly 70% of business respondents said that some of their existing security solutions are outdated and inadequate.
Top security concerns confirmed in the study:
- Poor security deployments: 70% said their organization had made investments in IT security technology that was not successfully deployed (e.g. shelfware).
- Unapproved and rogue app deployments: 65% of respondents said their organization is not able to reduce the inherent risk of unapproved applications increasing risk, including from shadow IT.
- Unmanaged data at risk: 64% say their organization has no way to effectively reduce the inherent risk of unmanaged data (e.g. downloaded onto USB drives, shared with third parties, or files with no expiration date).
- Talent pool is small: Only 40% said their organization is successfully hiring knowledgeable and experienced security practitioners.
While theres no silver bullet to fixing security business challenges, survey respondents shared that they believe there are solutions to help better manage security challenges:
- Creating a unified view: 53% percent believe a unified view of users across the enterprise.
- Becoming proactive: 48% percent answered an ability to keep up with new or emerging attacks.
Respondents also shared that some specific improvements can be made to reduce their overall risk:
- Technology improvements: 65% believe an improvement in technologies will improve their overall security posture and reduce risk.
- Staffing investments: 72% say an improvement in staffing will improve their overall security posture and reduce risk.
These findings are the second installment of the global study from Citrix and the Ponemon Institute. The first report reviewed how business complexity is hindering security postures and adding to the shadow IT trend.
The report conducted by the Ponemon Institute and sponsored by Citrix, The Need for a New IT Security Architecture: Global Study looked at global trends in IT security risks and reasons why security practices and policies need to evolve in order to handle threats from disruptive technologies, cybercrime and compliance mandates. The research features insights from more than 4,200 IT and IT security practitioners in Australia/New Zealand, Brazil, Canada, China, Germany, France, India, Japan, Korea, Mexico, Netherlands, United Arab Emirates, United Kingdom and the United States.
- Study Results: The Need for a New IT Security Architecture: Global Study on the Risk of Outdated Technologies
- Citrix CTO Blog: The Need For A New IT Security Architecture: Global Study On The Risk Of Outdated Technologies by Christian Reilly
- Infographic: Out with the old, in with the new
- Citrix CSO Blog: Ninety-nine Problems and Security is the Biggest One by Stan Black
- Behold! The IT Archeological Dig Yes, Complexity is the Enemy of Security by Florin Lazurca
Citrix (NASDAQ:CTXS) aims to power a world where people, organizations and things are securely connected and accessible to make the extraordinary possible. Its technology makes the worlds apps and data secure and easy to access, empowering people to work anywhere and at any time. Citrix provides a complete and integrated portfolio of Workspace-as-a-Service, application delivery, virtualization, mobility, network delivery and file sharing solutions that enables IT to ensure critical systems are securely available to users via the cloud or on-premises and across any device or platform. With annual revenue in 2016 of $3.42 billion, Citrix solutions are in use by more than 400,000 organizations and 100 million users globally. Learn more at www.citrix.com.
For Citrix Investors
This release contains forward-looking statements which are made pursuant to the safe harbor provisions of Section 27A of the Securities Act of 1933 and of Section 21E of the Securities Exchange Act of 1934. The forward-looking statements in this release do not constitute guarantees of future performance. Those statements involve a number of factors that could cause actual results to differ materially, including risks associated with the impact of the global economy and uncertainty in the IT spending environment, revenue growth and recognition of revenue, products and services, their development and distribution, product demand and pipeline, economic and competitive factors, the Company's key strategic relationships, acquisition and related integration risks as well as other risks detailed in the Company's filings with the Securities and Exchange Commission. Citrix assumes no obligation to update any forward-looking information contained in this press release or with respect to the announcements described herein. The development, release and timing of any features or functionality described for our products remains at our sole discretion and is subject to change without notice or consultation. The information provided is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making purchasing decisions or incorporated into any contract.
2016 Citrix Systems, Inc. All rights reserved. Citrix is a trademark of Citrix Systems, Inc. and/or one or more of its subsidiaries, and may be registered in the U.S. Patent and Trademark Office and in other countries. All other trademarks and registered trademarks are property of their respective owners.