83% of businesses believe organizational ‘complexities’ increase security risk

IT security isn’t just about waiting to respond to the next cyber attack.

It is about being prepared and having the strongest possible IT security plan in place before being attacked. It is estimated that in 2017, more than $94 billion will be invested in security solutions, per industry analyst forecasts, yet nearly half of organizations report having had a breach either internal or external in the last twelve months. With today’s threat landscape and emerging technologies, businesses need to take proactive measures to protect against old and new threats alike, and think about how to protect their data.

A global survey by Citrix and the Ponemon Institute on IT security infrastructure found that 83% of businesses around the world believe that they are most at risk because of organizational complexities. Employees are not following corporate security requirements because they are too difficult to be productive, plus policies hinder their ability to work in their preferred manner. It is no surprise that shadow IT is on the rise because employees want easier ways to get their work done.

Employees are putting data on their devices, meaning key corporate information is accessible from any laptop, phone or tablet left sitting at a desk or coffee shop. And data assets are increasing, putting more information at risk, per 87% of survey respondents.

The results also found that security and IT professionals are truly concerned about their current operations:

  • 79% of respondents are worried about security breaches involving high-value information.
  • The protection of apps and data is more critical than ever, with 74% of businesses saying that a new IT security framework is needed to improve security posture and reduce risk.
  • 71% say there is risk from their inability to control employees devices and apps.
“Year after year, traditional security vendors have offered their latest and greatest technology to the enterprise.” says Stan Black, chief security officer at Citrix. “Each new product has added new layers of people, process, and technology to operations, but very few actually solved the root of security problems by answering questions like, ‘how can information be shared while also minimizing data loss? Can the attack surface be reduced? Why does security depend on the device?’ Only by presenting solutions to these problems, like those from Citrix, can we move forward as an industry toward a future of more secure data, applications, devices and things.”

New Technologies, New Risks

As for planning for the future, results show that disruptive technologies like IoT will pose new risks:

  • 73% say data management, 76% say configuration management, and 72% say app management are the keys to reducing the security risk over the next two years in building a new IT infrastructure.
  • 75% say their organization is not fully prepared to deal with the potential security risks resulting from Internet of Things (IoT).
“In every region of the world, businesses must accept the fact that security practices and policies need to evolve in order to deal with threats from disruptive technologies, cyber crime and compliance.” said Dr. Larry Ponemon, chairman and founder, The Ponemon Institute “The research reveals respondents’ awareness of the need to challenge the status quo of their IT security strategies and consider a new IT security architecture to safeguard their organizations from cyber risks.”

Learn more about the Ponemon Institute survey findings