ORLANDO — Citrix Systems CEO Kirill Tatarinov cast his company as “a new breed of security company,” shining a spotlight on the company’s security capabilities as it kicked off its Synergy conference here Tuesday.
While the company isn’t a pure-play security vendor, Tatarinov touted the company’s history of security as a feature of everything it does, telling assembled press in a post-keynote sessions with press and analysts that Citrix has been “providing security capabilities for our customers without talking about it for 28 years,” the whole of its history. While the company is not, and will not, be a traditional security player, with its position in edge access and virtual desktops and apps, it has an important role to play, Tatarinov said.
“The most important element of security for us is offering secure, proactive infrastructure that secures the organization by default, in a way that does not cost increased complexity,” he said.
Too much of the effort is spent on “after the fact” security, he said, with companies on average having “30 or 40 different security tools that are all being bolted on to help address vulnerabilities and issues after they happen.” Citrix’s opportunity, he said, is in protecting attacks from happening, citing abilities including whitelisting approved applications in products like NetScaler, XenApp, and XenDesktop, as well as lockdown capabilities in its ShareFile offering.
In Tatarinov’s estimation, it’s a shift from defense to offense on the security front. In his keynote to the broader Synergy audience, he urged attendees “not to wait” for an attack, but to “rally together to protect ourselves against future attacks.” While that’s it’s current focus, Tatarinov also said that’s where the company’s future investments in security — either as product or as a feature — will be invested.
To expand its role in defining this type of proactive security, the company threw its hat into the ring for security services, announcing it has formed a security services practice that will help customers assess the security situation around their apps and data, and make sure things are secured by default.
“It’s a very important, responsible move to help the world off the attacks that continue to come on an accelerated basis,” Tatarinov said, pointing to the prominence of the recent WannaCry ransomware outbreak as evidence. “As hard as it is to predict the future of cybersecurity, it’s actually pretty easy. We know that next week, there will be a new attack, seeking to steal or lock up our valuable data.”
Tatarinov said the need for such a practice also came at least in part from customer demand for help due to the shortage of professional security skills available in the marketplace. It is running a promotional contest at the show where customers can win a security assessment from the team.
Although Citrix may partner with many solution providers and system integrators that offer their own security consulting practices — either Citrix-specific or across vendors, Tatarinov downplayed the potential for conflict with partners, saying that like its other services consulting practices, the security group will follow “the playbook that most technology companies have.”
“Our security practice will be very focused, and it’s going to stay small,” he told press and analysts. “It’s a group of people that are developing best practices that we will deliver through our partners. It will define security services they can deliver with us.”
The only way for Citrix to get the scale it needs for security services, he added, is through this approach combined with “enablement for large-scale, broad consulting force coming from our partners.” The company currently boasts 400,000 customers worldwide, and “quite a maniacal focus” developed over the last year around adding new customers.