Citrix on Thursday missed Wall Street’s earnings targets for its fiscal first quarter. The company has been riding a surge in demand for its products and services amid the ongoing work-from-home wave, but said its revenue was negatively impacted by supply chain challenges and a lower-than-expected duration of on-premises term licenses. Citrix also said the first quarter marks the trough in its business model transition to the cloud.
As for the numbers, the company reported Q1 non-GAAP earnings of $1.42 per share on revenue of $776 million. Wall Street was expecting Q1 earnings of $1.43 per share and revenue of $797 million.
Elsewhere on the balance sheet, Citrix said Q1 subscription ARR was $1.51 billion, up 81% year over year. Meanwhile, the company said SaaS ARR came to $793 million, up 43% from a year ago. Total ARR, which combines the value of all of Citrix ‘s subscription sources as well as perpetual license maintenance contracts, was $2.94 billion.
Core to Citrix’s growth is its Workspace Suite, which includes its server and desktop and application virtualization products XenApp, XenDesktop, and XenServer, along with XenMobile mobile-device management tools, ShareFile Enterprise file sync and sharing, and networking.
The company said Workspace revenue declined 11% year over year to $581 million due to the discontinuation of its Workspace perpetual license offering. The company’s app delivery and security revenue came to $170 million, down 6% year over year.
Broken out, Citrix said product and license revenues came to $44 million and support and services revenues declined 7% on a year-over-year basis to $389 million. Subscription revenues increased 28% from the year-ago period to $342 million.
For the second quarter of 2021, Citrix is projecting revenue of $840 million to $850 million with non-GAAP earnings of $1.15 a share to $1.20 a share. Wall Street is expecting diluted EPS of $1.55 per share on revenue of $828.7 million. For the year, Citrix expects revenue between $3.38 billion and $3.42 billion.
Shares of Citrix were down over 8% in early trading.
US pipeline ransomware attack serves as fair warning to persistent corporate inertia over security
Organisations that continue to disregard the need to ensure they have adopted basic cybersecurity hygiene practices should be taken to task. This will be critical, especially as cybercriminals turn their attention to sectors where cyber threats can result in real-world risks, as demonstrated in the US Colonial Pipeline attack.
In many of my conversations with cybersecurity experts, there is a shared sense of frustration that businesses still are failing to get some of the most basic things right. Default passwords are left unchanged, frontline staff and employees are still falling for common scams and phishing attacks, and major businesses think nothing of using technology that are decades old.
Just this month, UOB Bank revealed an employee had fallen prey to a China police impersonation scam that compromised the personal data of 1,166 customers, including their mobile number and account balance. This specific impersonation use case had been flagged as a common scam tactic and even featured in a crime prevention TV programme months before. That an employee of a major bank still could have fallen for it is shocking.
It begs the question whether its frontline staff or any employee with access to customer data has been adequately trained as well as regularly updated on how they should deal with potential cyber threats.
Should such inertia continue to fester, there’s real cause for concern ahead especially as cyber attackers turn their attention towards operational technology (OT) sectors, such as power, water, and transport. As it is, businesses seem ill-prepared to cope with the growing threat.
Consider the stats. Some 68% of businesses in Asia-Pacific were breached last year, up from 32% in 2019, and 17% had to deal with more than 50 cyber attacks or errors a week. And they took way too long to pick themselves up after an attack, with an average of 60.83% needing more than a week to remediate the attacks, citing lack of funds and skillsets as their key challenges.
in Singapore, 28% had been breached in the past year, with almost 15% having to deal with at least 50 attempted cyber attacks a week. Some 33% described the resulting data loss as very serious or serious.
Things will only get worse as businesses in the region and around the world rush to adopt tools that facilitate remote work, leaving their networks vulnerable to attacks. As it is, 54.7% viewed enabling and managing remote workforces a top ICT challenge and another 49.7% felt likewise about securing remote workers.
As online adoption grows, supply chains will widen as businesses rush to cope with the spike in transactions. This means attack surfaces, too, will expand and it is crucial that enterprises get the fundamentals right to better mitigate potential security risks.
When cyber risks become physical threats
And in the case of the Colonial Pipeline, the risks can be severe.
The privately-held pipeline operator supplies 45% of the East Coast’s fuel, including gasoline, diesel, jet fuel, home-heating oil, and fuel for the US military. It transports more than 100 million gallons of fuel a day across an area that spans Texas to New York.
The cyber attack forced the company to temporarily shut its operations and freeze IT systems to contain the infection. It triggered supply shortage concerns and pushed gasoline futures to their highest level in three years. It also prompted the US Department of Transportation to invoke emergency powers to make it easier to transport fuel by road.
That it paid up shouldn’t come as a surprise, since a majority of businesses in Asia-Pacific also choose to pay up after falling victim to ransomware attacks. These include 88% in Australia and 78% in Singapore that have forked out the ransom in full or in part.
On its part, Singapore has recognised the risks cybersecurity attacks pose to its critical infrastructures. Early this month, it created a cybersecurity expert panel focused on OT, with the first meeting slated to take place in September. The move comes months after the country last October unveiled a new cybersecurity blueprint that looked to safeguard its core digital infrastructure.
In particular, the government pointed to OT systems, where a successful attack can manifest as a severe disruption in the physical world. Such systems, including those in the energy, water, and transport sectors, are critical for delivering essential services and supporting the economy.
In forming the OT expert panel, Singapore’s Cyber Security Agency Chief Executive David Koh said: “While OT systems were traditionally separated from the internet, increasing digitalisation has led to more IT and OT integration. Hence, it is crucial for OT systems to be better protected from cyber threats to prevent outages of critical services that could result in serious real-world consequences.”
That Singapore has put strong focus on OT is a positive step forward. And it is hoping the expert panel will provide some guidance on a range of issues, including governance policies, OT technologies, supply chain, threat intelligent information sharing, and incident response.
However, with most of the industry still stuck in apparent inertia, firmer action is necessary to ensure businesses across all sectors, including OT, do not slip up.
This should encompass even the simplest and most basic rules, such as outlawing the use of software that is more than 15 years old or mandating that all employees–including senior management–chalk up minimum training hours a year on cybersecurity threat management.
In addition, all organisations that have encountered a security incident should be required to detail how their systems were breached. An abridged version of the attack, excluding specifics that can further compromise the company’s security, also should publicly released.
It should no longer be sufficient for any company to simply say the attack was “sophisticated” without giving any other information to justify that description.
In the Colonial Pipeline case, details have been slow to trickle out, with the US government yet to receive any information from the oil pipeline operator. The Biden administration had expressed frustration over what they perceived to be weak security protocols on Colonial Pipeline’s part as well as well a lack of readiness to deal with cyberattacks.
It is clearly time for all organisations, not just those in Asia, to get a grip. Because if they don’t, they won’t just be losing millions in ransom payments, actual physical lives will be at risk. Transport and healthcare operators, in particular, should take heed.
And with cybercriminals increasingly skilled in their craft, future attacks will indeed be so complex it will put to shame use of the word “sophisticated” that appears in almost every statement companies currently make to describe they breach they suffered.
Be better. Because when it comes to cybersecurity, that is what many businesses have yet to be.
ASD knows who attacked the APH email system but isn’t revealing who
The Australian Cyber Security Centre (ACSC), and the overseeing Australian Signals Directorate (ASD), know who attacked the email system of the Australian Parliament House, but they are not saying who it is.
“Attribution is a matter for government, and is made only when in the national interest,” it said in response to Senate Estimates Questions on Notice.
Many of the questions were passed off onto the Department of Parliamentary Service (DPS), which revealed earlier this week that it had pulled down and replaced its mobile device management (MDM) system as a result of the attack.
“The attack did not cause an outage of the DPS systems. DPS shut down the MDM system. This action was taken to protect system security while investigation and remediation were undertaken,” DPS said.
“To restore services, DPS brought forward the rollout of an advanced mobile services solution that replaced the legacy MDM. The new solution provides greater security and functionality for mobile devices. This rollout was a complex activity and extended the outage experienced by users.”
The legacy MDM system remains in use in a limited capacity.
One tidbit ASD did part with was agreeing that the attacker was unsophisticated and that the ACSC was involved in “searching for any potential implants” in the APH Exchange server.
An unsophisticated attack would have had a higher than expected chance of succeeding, thanks to the lack of 2FA.
“Before users came back on line after this incident, they were asked to implement new security controls to access APH emails via mobile handsets — namely multi-factor authentication,” Senator Kimberley Kitching said in a question.
“In the course of providing cybersecurity advice and assistance to DPS following the incident, the ACSC provided broad advice on security controls,” the ASD said.
ASD said there was no “specific threat” that led to the introduction of 2FA, and instead pointed to its Essential Eight advice first published in 2017.
DPS said earlier this week it had seen no evidence of any email accounts being compromised due to the attack, and the attack had nothing to do with recent Exchange vulnerabilities.
In another answer, ASD said no code review has been completed on the systems of the Australian Electoral Commission, but it has “conducted a vulnerability assessment and partnered with the AEC to conduct multiple uplift activities on the AEC network.”
Labor pitches ‘startup year’ as key to Australia’s future
Opposition leader Anthony Albanese has outlined his plan for Australia should Labor be successful at the next federal election, one that’s centred on things the Coalition missed in its 2021-22 Budget.
“We have a once in a century opportunity to reinvent our economy, to lift wages and make sure they keep rising, to invest in advanced manufacturing and in skills and training with public TAFE at its heart, to provide affordable childcare, to fix aged care, to address the housing crisis, to champion equality for women, and to emerge as a renewable energy superpower,” he declared in his Budget reply speech, delivered Thursday night.
“That’s the better future I want to build for Australia as Prime Minister.”
A centrepiece of Albanese’s plan is a “startup year”.
“Australia has always produced scientific innovations, but we always haven’t been good at commercialising them,” he continued, listing the black box, Google Maps, the Cochlear implant as some examples.
He said a lot of what Australia uncovers via research gets converted into manufacturing jobs overseas.
“And if we don’t get smart, if we don’t get serious, if we don’t get moving — the same thing is going to happen again,” he said.
The startup year, Albanese declared, is a program to “help drive innovation and increase links between universities and entrepreneurs”.
The program will allow final year university students, or recent graduates, to learn from experts about how to transform their ideas and research into products and services that Australia can sell to the world.
The students would do their training at established “accelerators” or “incubators”.
Startup loans will be offered to students and new graduates with ventures attached to the tertiary institution or designated private accelerator. Albanese believes this will assist in the identification of opportunities for commercialisation of university research.
Startup year will train up to 2,000 students per year and will be supported by HELP/HECS loans, up to a maximum of AU$11,300.
The loans can go towards paying for things such as training, equipment, or building prototypes.
Expanding further on this plan, Shadow Minister for Industry and Innovation Ed Husic said Labor wants to send a signal to young Australians that it “backs them and their ideas to build new firms and new jobs”.
“We want to do that through the range of university accelerators that exist across the country. We want to work with the university sector and others in the innovation space to determine how we do that selection process. And the big thing for us is to build that momentum, build that interest in starting new firms. Because really, what we need to see in this country apart from current firms getting bigger and stronger, we need to see an influx of new firms coming in with new ideas to improve the way the economy works,” he said.
This requires, however, talented people on the ground to do the work that will support startups and encourage their growth, Husic declared.
“If you’ve had a federal government that continually cuts or fails to support the university sector can’t get its act together on commercialising the research and ideas coming out of universities is cutting TAFE and is dragging the chain on innovation, this is a real problem,” he continued.
On Tuesday night, the government unveiled a “patent box” to drive research in medical and biotech technologies, and a National Centre of AI Excellence. Husic said the first was taken from similar overseas initiatives and the second was stolen from his party.
HelpSystems expands email, cloud security portfolio with acquisition of Agari, Beyond Security
HelpSystems has announced the acquisition of Agari and Beyond Security as the firm continues to expand its cybersecurity portfolio.
The financial details of the transactions were not disclosed.
Headquartered in Cupertino, California, Beyond Security is a provider of automated vulnerability assessment and compliance solutions.
The firm’s products, beSecure, beSource, and beStorm, cover vulnerability scanning and management, code analysis, and black box testing.
“The team and solutions from Beyond Security will fit into HelpSystems’ popular infrastructure protection portfolio featuring Digital Defense, Core Security, and Cobalt Strike,” the company says.
This is the second acquisition made public by HelpSystems this week. On Thursday, the company also announced a deal to secure Agari, a Software as a Service (SaaS) solutions provider for phishing protection based in Foster City, California.
Email, when combined with social engineering, leads to business email compromise (BEC) and may result in wider compromise of enterprise networks. Agari solutions attempt to filter out phishing attempts using data science, machine learning (ML), and cloud computing.
Agari is also a founding member of the consortium which created the Domain Message Authentication Reporting Conformance (DMARC) email authentication standard, a technical standard designed to prevent phishing, spam, and spoofing.
“Cybercriminals increasingly use email as a prime way to infiltrate businesses and gain access to sensitive data and IP, causing untold damage in terms of cost and reputation,” commented Kate Bolseth, HelpSystems chief executive. “We’re thrilled to welcome Agari and their email phishing defense prowess to the HelpSystems family. Agari will be a notable asset to HelpSystems as we work together to give global customers new tools for securing their valuable data and achieving peace of mind.”
The purchases build upon the acquisition of Texas-based Digital Defense in February, a company that develops SaaS vulnerability scanning, network asset analysis, and risk score generation software to assist IT teams in patch and remediation efforts.
Previous and related coverage
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0
JetBlue Hits Back At Eastern Airlines On Ecuador Flights
Build a cognitive search and a health knowledge graph using AWS AI services
Shiba Inu: Know How to Buy the New Dogecoin Rival
ONE Gas to Participate in American Gas Association Financial Forum
Meme Coins Craze Attracting Money Behind Fall of Bitcoin
Yieldly announces IDO
Pokémon Go Special Weekend announced, features global partners like Verizon, 7-Eleven Mexico, and Yoshinoya
Opimas estimates that over US$190 billion worth of Bitcoin is currently at risk due to subpar safekeeping
Credit Karma Launches Instant Karma Rewards
‘Destroy Sandcastles’ in Fortnite Locations Explained
Valve launches Supporters Clubs, allows fans to directly support Dota Pro Circuit teams
Sentiment Flippening: Why This Bitcoin Expert Doesn’t Own Ethereum
How to download PUBG Mobile’s patch 1.4 update
Bella Aurora launches its first treatment for white patches on the skin
5 Best Mid Laners in League of Legends Patch 11.10
Top Tips On Why And How To Get A Cyber Security Degree ?
Decentraland Price Prediction 2021-2025: MANA $25 by the End of 2025
PR Newswire7 days ago
Polystyrene Foam Market worth $32.2 billion by 2026 – Exclusive Report by MarketsandMarkets™
Energy1 week ago
Systém GameChange Solar 631 MW Genius Tracker™ bude vztyčen v jižním Texasu
Blockchain1 week ago
The Reason for Ethereum’s Recent Rally to ATH According to Changpeng Zhao
Aviation1 week ago
American Airlines Passenger Arrested After Alleged Crew Attack
Blockchain1 week ago
Chiliz Price Prediction 2021-2025: $1.76 By the End of 2025
Blockchain1 week ago
Mining Bitcoin: How to Mine Bitcoin
PR Newswire1 week ago
Memorial Day Grill Accessories Roundup
Private Equity1 week ago
Beyond the fanfare and SEC warnings, SPACs are here to stay
Blockchain1 week ago
Amid XRP lawsuit, Ripple appoints former US Treasurer to its board, and names new CFO
Aviation6 days ago
What Happened To Lufthansa’s Boeing 707 Aircraft?
Blockchain1 week ago
NYDIG: Bitcoin is Coming to Hundreds of American Banks This Year
Blockchain1 week ago
NYDIG: Bitcoin is Coming to Hundreds of American Banks This Year