Are you ready for the next generation digital business? With an audience of top security practitioners, risk management was the focus of preparations for the next generation digital enterprises (and governments) at this year’s Gartner Security and Risk Management Summit opening keynote, which took place June 23-26, 2014. With great change upon us, Gartner analysts were focused on ‘people centric security’ and said there is no such thing as perfect protection. This is so true. Today’s organizations grow by becoming more digital and mobile, while the speed, sophistication, and severe consequences of threats increase. To thrive, security leaders need to step forward – and ‘balance the need to protect’ with the desire to grow the business.
For years, we have seen many security programs focus resources on business technical and operational security. Most still do. This approach appears comprehensive, is well understood, and teams can be responsive to immediate operational needs. After all, this is doing security. Right? Stan Black, Citrix chief security officer points out there is a better approach. One that channels our security resources away from the onslaught of business, technical, and operational security distractions and remembers why we are here; to protect our customers, both internal and external.
Back to basics
During the event, we also heard speakers encourage security practitioners to truly achieve standards of due care (rather than lose them) at every technology evolution – from personal computing to the Internet, and from wireless/mobile/cloud to BYOD and the Internet of Things. Attendees were asked to return to focus on the basics first:
- Patch and update
- Good fundamental policies
- Security education
- Encryption where it is warranted
- Serviceable perimeter protection
- Identity and access management
The basics go a long way. With our secure-by-design solutions, Citrix gives our customers a great foundation to address key security and compliance priorities. For example, by delivering Windows apps and desktops virtually, not only is the data protected in the datacenter, IT administrators gain centralized control of the patch and update cycle. This streamlines the process and gives IT the assurance patches and updates have been made, when they want them made. Along with virtualization, mobility delivered by XenMobile, enterprise file sync and share through ShareFile, and networking powered by NetScaler help to assure you have all of the security bases covered from the device to the cloud.
Prepare of the inevitable
New types of threats will continue to emerge, such as ransomware, advanced persistent threats (APT) and unknown malware. I had the opportunity to speak with many of our customers during the Gartner Summit, including CISO’s from government, education, technology and healthcare industries. It was clear they all understood the importance of being up to date on the latest threats and associated response tactics – the weeklong summit focused on these too. We recommend that you identify each of the risks your company might encounter and prioritize them based on your customers’ goals and priorities. Follow this by developing worst-case scenarios for each to guide the development of your plan.
Focus on protecting the customer, not ‘doing security’
During the event, it became clear that there is a need to create a bridge between IT and business teams – getting security to step center stage and engage with CIOs and CEOs (and engage with the board of directors) to enable new forms of business, rather than just fix problems. We couldn’t agree more. Citrix is on this journey with our customers as security steps center stage. We are here to protect our customers.
Be sure to check out the security and compliance solutions page to learn more about how Citrix enables our customers to embrace mobility while protecting what matters most.
Follow @CitrixSecurity on Twitter
About the author
Stacy Bruzek Banerjee is the director of solutions marketing for Citrix and is responsible for global security, business continuity and BYOD solutions. Prior to Citrix, Stacy worked to build Guidewire to explosive growth and a successful IPO. She has held marketing leadership roles at Oracle, Symantec and VISA, where she focused on data management, security and collaboration. She holds a bachelor’s degree from the University of Minnesota. Feel free to read more of Stacy’s blogs.