Never before have we seen a higher rate of ransomware, malware and phishing attacks with our customers. These attacks are both very real and very targeted, triggering painful, real-world consequences.
We were naturally curious, then, when Citrix released the results of a network security survey among its customers. As a Citrix Platinum Partner, we’re pleased to see responses validate what we are seeing in the client environment, but also concerned about some of the implications.
The main takeaway:
Businesses must shift away from protecting devices and focus on security applications and data protection wherever their data resides (or travels) throughout the enterprise.
The condensed version:
- More than half of Citrix customers reported they are changing the way their SecOps teams operate because of the rise in ransomware, targeted malware and phishing attacks.
- Nearly half said end-to-end protection of apps and data is most important in protecting their “always-on” business.
- 56% are looking more closely at how to simplify management and monitoring of SSL certificates.
In the press release that followed its report, Citrix also points out highlights of a July 2016 Forrester Security Business Technographics survey, for added perspective:
- 62% of security decision makers hope to accelerate their digital business in the next 12 months.
- 65% want to improve application security capabilities and services.
- 47% are implementing or expanding IoT security in the next 12 months.
The issue at hand:
Targeted attacks are changing IT security modus operandi and investments. Citrix explains it like this:
“Devices are accessing information all the time—over public networks, across geographic boundaries and from the cloud—requiring IT to rethink their security and compliance approach… Businesses want to adopt new technology, but are still stuck catching up on compliance regulations. By shifting away from device-level, platform-specific endpoint security solutions, businesses can more easily achieve compliance and focus on adopting new technology to improve employee productivity and reduce risk to sensitive business information.”
The survey results:
Q: What is your top application security business priority?
| Management, visibility and analytics to make more efficient, informed business decisions | 20% |
| Protection against web app attack vendors | 12% |
| Moving from SSL to TLS to enhance security | 3% |
| Securing cloud deployments | 8% |
| Access management | 16% |
| All of the above | 40% |
Q: What do you think is most important to protecting the apps & data of your always-on business?
| Secure, fast cloud data access | 9% |
| Prevention of shadow IT | 5% |
| Stopping data center infiltration / data exfiltration from a variety of attack vectors | 22% |
| Malware protection | 8% |
| End-to-end protection of apps and data | 49% |
| Efficient, secure cloud deployment | 5% |
| Other | 2% |
Our take: These responses indicate customers are not only looking for end-to-end protection for their apps and data, but since no other option ranked anywhere close to this 49% response, customers are seeking an all-encompassing solution, if possible—not individual point solutions for specific threats.
Q: As your business moves more data to cloud environments, what are your top priorities in securing your company’s data?
| Keeping data secure in transit | 61% |
| Appropriate access levels | 57% |
| Policy enforcement to meet compliance regulations | 61% |
| Accurate, real-time monitoring and reporting | 39% |
| Managing and visibility of traffic and analytics | 43% |
Our take: While these responses are relatively high-ranking, the first three, collectively, indicate customers are emphasizing regulatory compliance, which goes hand-in-hand with granular access levels. They are also concerned with the data “in flight.”
In short, they want a solution that lets them configure granular access control (so they can demonstrate regulatory compliance), and at the same time have assurance that their data is secure while in transit.
Reading between the lines, this may involve a granular policy engine governing apps and data access; additional security access barriers (such as two-factor authentication); and the use of strong TLS encryption for in-flight data.
Q: Are you looking for protection against specific attack vectors? Select all that apply.
| DDoS | 55% |
| Web firewall attacks | 56% |
| Malware | 75% |
| Ransomware | 75% |
| Phishing | 60% |
| Efficient, secure cloud deployment | 5% |
| Blacklisted IPs | 34% |
Q: Which network security technologies are currently in use or planned for acquisition (within 12 months) to guard all network assets against cyber threats? Select all that apply.
| Advanced malware analysis / sandboxing | 44% |
| Data loss/leak prevention (DLP) | 46% |
| Denial of service (DoS/DDoS) prevention | 48% |
| Network behavior analysis (NBA) | 27% |
| Next-generation firewall (NGFW) | 47% |
| Secure email gateway (SEG) | 52% |
| Secure web gateway (SWG) | 49% |
| Security analytics / full-packet capture and analysis | 27% |
| Security information and event management (SIEM) | 39% |
| Threat intelligence service | 34% |
| Web application firewall (WAF) | 44% |
Our take: We’re surprised to see any responses below 50% in this category. Without a Next Gen Firewall, you really aren’t protecting your network from today’s threats. Similarly, be sure to analyze your Secure Email Gateway and make sure you have Advanced Threat Protection functions against phishing attacks, and include Sandboxing technologies.
Q: Has the increase in ransomware, targeted malware and phishing attacks changed security operations at your company in the last three months?
| Yes | 51% |
| No | 49% |
Our take: We find these responses alarming. As mentioned earlier, we, too, have seen a sharp rise in attacks first-hand, which makes the ability to restore corrupted or missing files at a moment’s notice even more critical.
Additionally, businesses should take immediate action to shield themselves from this type of infiltration to begin with. Next Generation Firewalls, Application Firewalls, and partitioning of internal networks segregating users and data centers are all steps in the right direction.
Q: Given recent attacks, are you looking more closely at how to simplify management and monitoring of SSL certificates?
| Yes | 56% |
| No | 44% |
All things considered, “physical assets are disposable,” says Citrix. As businesses embrace the cloud, IoT and analytics, “they will need to shift their thinking away from protecting each device to securing sensitive applications and data.”
In an increasingly connected marketplace, it’s no exaggeration to say the future of your business hinges on the health and integrity of your data, wherever it may travel.
