A hazardous cocktail of evolving cybersecurity threats, sprawling information technology infrastructures and increased mobility means that most organizations will need to create an entirely new security architecture in order to safeguard their digital assets.
So says a new report by Citrix Systems Inc. and the information security researcher Ponemon Institute. A Need for a New IT Security Architecture reports that 83 percent of businesses around the world believe that the biggest risk of cybersecurity breaches comes from increased organizational complexities around their IT systems.
The problems are manifold, with company employees increasingly ignoring corporate security requirements because they hinder productivity and their ability to work in their preferred manner. In addition, employees are increasingly taking to storing company data on their personal devices, meaning that corporate information is left exposed on people’s laptops, phones and tablets, on desks and in coffee shops. Moreover, 87 percent of companies report that the amount of corporate data assets is increasing exponentially, meaning the amount of information at risk continues to grow.
Citrix says in its report that these problems are not going unrecognized. The vast majority of the 4,268 IT and IT security practitioners around the world it surveyed indicated they’re all too aware of the threats their companies face, with 79 percent saying they’re particularly about security breaches involving high-value information. Regarding potential sources of data breaches, 80 percent said they were concerned about the risk of state-sponsored hacking, while 76 percent said they were worried about the threat of malicious or criminal insiders.
The human risk factor
One of the biggest risks identified in the report is complacency among company employees, cited by almost three-quarters of IT workers. This is a problem that’s often compounded by a simple lack of awareness of best security practices among employees, while other risks highlighted in the report include the growing number of millennials in the workplace (the demographic most associated with shadow IT), more employees working from home, and the number of contract staff working at their organizations.
In addition, 71 percent of IT professionals said they were concerned about their inability to protect apps and data, while the same percentage raised concerns about the possible risk that automation replacing employees might pose to their organizations.
New technologies needed to prevent attacks
On a more positive note, Citrix’s report does at least indicate that IT professionals have an idea of how to solve some of the challenges highlighted above.
More than two-thirds respondents recognize that their current IT security solutions are outdated and fail to mitigate the risk of cyberattacks, employee complacency and organizational problems. What’s needed is a fresh approach to tackle these issues, with nearly three-quarters calling for an entirely new IT security framework that’s able to improve their companies’ security posture and reduce the risk of attack.
To build this new framework, companies will need to invest in a range of new technologies that are able to both guard against and also mitigate breaches when they do occur, IT professionals believe. The most critical technologies include data management, configuration and log management, and application management technologies in order to protect against attacks, and machine learning and big data software in order to rapidly contain security breaches.
“In every region of the world, businesses must accept the fact that security practices and policies need to evolve in order to deal with threats from disruptive technologies, cyber crime and compliance,” said Dr. Larry Ponemon, chairman and founder of The Ponemon Institute. “The research reveals respondents’ awareness of the need to challenge the status quo of their IT security strategies and consider a new IT security architecture to safeguard their organizations from cyber risks.”