A recent survey of more than 4,200 IT and IT security practitioners found that 69 percent of respondents said some of their existing security solutions are outdated and inadequate, and 70 percent said their organization had made investments in IT security technology that wasn't successfully deployed.
Still, 98 percent of respondents plan to spend more than a million dollars on IT security in 2017.
The survey, conducted by the Ponemon Institute and sponsored by Citrix, also found that 65 percent of respondents said their organization isn't able to reduce the risk from unapproved applications, and 64 percent said they have no way to reduce the risk from unmanaged data.
Just 40 percent of respondents said their organization is hiring knowledgeable and experienced security practitioners, and only 48 percent said their organization has security policies in place to ensure employees and third parties only have the appropriate levels of access to sensitive business data.
When asked what would help them better manage security challenges, 53 percent said a unified view of users across the enterprise would help, and 48 percent said an ability to keep up with new or emerging attacks would do so.
"Security today is not about the number of security technologies your business invests in," Citrix chief security officer Stan Black said in a statement. "It's about investing in the right security technologies that will help protect applications and data, no matter where they're used or stored."
According to a separate survey of more than 3,000 key professionals responsible for cyber security decisions at their companies in the U.S., U.K. and Germany, 53 percent of businesses in three countries are unprepared to deal with cyber attacks.
The survey, conducted by Forrester Consulting and sponsored by Hiscox, assessed companies' cyber readiness in four key areas: strategy, resourcing, technology and process. Just 30 percent of respondents qualified as "expert" in all four areas.
Fifty-seven percent of companies admitted having experienced a cyber attack in the past year, and 42 percent have been hit with two or more.
Just 43 percent of German companies believe their government is doing enough to protect them from cyber attacks, compared to 62 percent in the U.S. and 48 percent in the U.K.
Forty percent of companies in all three countries have taken out cyber insurance -- 55 percent of U.S. companies have done so.
Fifty-nine percent of cyber security budgets are expected to increase by 5 percent or more in the coming year, and 21 percent will increase by 10 percent or more.