Global Survey Shows that 83 Percent of Business Respondents Say Their Company is at Risk Because of Organizational and IT Complexities

Global IT Security Study from Citrix and The Ponemon Institute Also Shows that 74 Percent Say it’s Time for a New Security Framework

SANTA CLARA, Calif. -- Jan. 10, 2017 -- Today, IT security isnt just about waiting to respond to the next cyber attack. It is about being prepared and having the strongest possible IT security plan in place before being attacked. It is estimated that in 2016, more than $94 billion will be invested in security solutions, per industry analyst forecasts, yet nearly half of organizations report having had a breach either internal or external in the last twelve months. With today's threat landscape and emerging technologies, businesses need to take proactive measures to protect against old and new threats alike, and think about how to protect their data. 

A global survey by Citrix and the Ponemon Institute on IT security infrastructure found that 83 percent of businesses around the world believe that they are most at risk because of organizational complexities. Employees are not following corporate security requirements because they are too difficult to be productive, plus policies hinder their ability to work in their preferred manner. It is no surprise that shadow IT is on the rise because employees want easier ways to get their work done. 

Employees are putting data on their devices, meaning key corporate information is accessible from any laptop, phone or tablet left sitting at a desk or coffee shop. And data assets are increasing, putting more information at risk, per 87 percent of survey respondents. 

The results also found that security and IT professionals are truly concerned about their current operations: 

  • 79 percent of respondents are worried about security breaches involving high-value information.
  • The protection of apps and data is more critical than ever, with 74 percent of businesses saying that a new IT security framework is needed to improve security posture and reduce risk.
  • 71 percent say there is risk from their inability to control employees devices and apps. 

As for planning for the future: 

  • 73 percent say data management, 76 percent say configuration management, and 72 percent say app management are the keys to reducing the security risk over the next two years in building a new IT infrastructure.
  • 75 percent say their organization is not fully prepared to deal with the potential security risks resulting from Internet of Things (IoT).


People and data are at the core of every business. Securing both are essential, and more urgent than ever before. This global survey proves exactly what we all fear – most businesses are not prepared to protect employee data. At Citrix, we know our customers rely on us to secure their data, and they are prepared for the future. Security is inherent in all that we do. We are the security company of the future because we are focused on what needs to be protected – data.
- PJ Hough

senior vice president of product


Year after year, traditional security vendors have offered their latest and greatest technology to the enterprise. Each new product has added new layers of people, process, and technology to operations, but very few actually solved the root of security problems by answering questions like, ‘how can information be shared while also minimizing data loss? Can the attack surface be reduced? Why does security depend on the device?’ Only by presenting solutions to these problems, like those from Citrix, can we move forward as an industry toward a future of more secure data, applications, devices and things.
- Stan Black

chief security officer


In every region of the world, businesses must accept the fact that security practices and policies need to evolve in order to deal with threats from disruptive technologies, cyber crime and compliance. The research reveals respondents’ awareness of the need to challenge the status quo of their IT security strategies and consider a new IT security architecture to safeguard their organizations from cyber risks.
- Dr. Larry Ponemon

chairman and founder

The Ponemon Institute

To learn more about the Ponemon Institute survey findings, visit Citrix.com/secure or read the blog from Citrix chief security officer, Stan Black.

Survey Methodology

The report conducted by the Ponemon Institute and sponsored by Citrix, The Need for a New IT Security Architecture: Global Study looked at global trends in IT security risks and reasons why security practices and policies need to evolve in order to handle threats from disruptive technologies, cybercrime and compliance mandates. The research features insights from more than 4,200 IT and IT security practitioners in Australia/New Zealand, Brazil, Canada, China, Germany, France, India, Japan, Korea, Mexico, Netherlands, United Arab Emirates, United Kingdom and the United States.

Related Links 

Follow Citrix 

About Citrix

Citrix(NASDAQ:CTXS)aims to power a world where people, organizations and things are securely connected and accessible to make the extraordinary possible.Its technology makes the worlds apps and data secure and easy to access, empowering people to work anywhere and at any time. Citrix provides a complete and integrated portfolio of Workspace-as-a-Service, application delivery, virtualization, mobility, network delivery and file sharing solutions that enables IT to ensure critical systems are securely available to users via the cloud or on-premise and across any device or platform. With annual revenue in 2015 of $3.28 billion, Citrix solutions are in use by more than 400,000 organizations and over 100 million users globally. Learn more at www.citrix.com. 

For Citrix Investors 

This release contains forward-looking statements which are made pursuant to the safe harbor provisions of Section 27A of the Securities Act of 1933 and of Section 21E of the Securities Exchange Act of 1934. The forward-looking statements in this release do not constitute guarantees of future performance. Those statements involve a number of factors that could cause actual results to differ materially, including risks associated with the impact of the global economy and uncertainty in the IT spending environment, revenue growth and recognition of revenue, products and services, their development and distribution, product demand and pipeline, economic and competitive factors, the Company's key strategic relationships, acquisition and related integration risks as well as other risks detailed in the Company's filings with the Securities and Exchange Commission. Citrix assumes no obligation to update any forward-looking information contained in this press release or with respect to the announcements described herein. The development, release and timing of any features or functionality described for our products remains at our sole discretion and is subject to change without notice or consultation. The information provided is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making purchasing decisions or incorporated into any contract.


2016 Citrix Systems, Inc. All rights reserved. Citrix is a trademark of Citrix Systems, Inc. and/or one or more of its subsidiaries, and may be registered in the U.S. Patent and Trademark Office and in other countries. All other trademarks and registered trademarks are property of their respective owners.