In an alarming revelation, Gigamon’s recent research has highlighted a troubling trend in the global cybersecurity landscape. According to their 2024 Hybrid Cloud Security Survey, 1 in 3 organisations failed to detect a breach in the past year, with only 25 percent capable of responding in real-time. This underscores a significant gap in the defensive measures of enterprises worldwide, despite substantial investments in cybersecurity.
Gigamon, a leader in deep observability, conducted an extensive survey involving over 1,000 Security and IT leaders from Australia, France, Germany, Singapore, the UK, and the USA. The findings reveal a concerning decline in the detection and response capabilities of these organisations compared to the previous year’s report. As hybrid cloud environments become more complex and cyber threats more sophisticated, 65 percent of global respondents expressed doubts about their current solutions’ effectiveness in detecting breaches. In Australia, the situation is particularly dire, with 50 percent of respondents only detecting breaches when users experienced application access issues.
Escalating Complexity and Increasing Risk
The survey indicates that security and IT leaders are at a pivotal crossroads. An overwhelming 83 percent of respondents believe that the growing complexity of cloud environments is escalating their cyber risk. The rise of AI-powered attacks further complicates this landscape, with eight out of ten predicting an increase in global ransomware threats driven by AI. Despite global information security spending projected to reach $215 billion in 2024, only 54 percent of organisations feel “strongly prepared” to respond to unauthorised access within hybrid cloud setups.
A Global Snapshot of Unpreparedness
The data paints a grim picture of organisational readiness. In Australia, 76 percent of respondents have experienced a data breach, surpassing the global average of 73 percent. Across the board, there is a general acknowledgment of weaknesses in threat detection tools. Only one in four could remediate a live threat during a recent breach. This figure slightly improves in Germany (30 percent) but drops to just 20 percent in Australia and Singapore.
The consequences of these shortcomings are severe:
- 31 percent of organisations only detected breaches upon receiving extortion threats.
- Another 31 percent became aware of breaches only after proprietary information appeared on the dark web, with this figure rising to a troubling 42 percent among Australian respondents.
- 25 percent of respondents failed to determine the root cause of breaches, a problem more pronounced in Australia, Singapore, and the US.
Visibility Gaps and the Need for Deep Observability
The complexity of hybrid cloud infrastructures contributes significantly to these vulnerabilities. Despite 85 percent of respondents citing cloud security as a boardroom priority, visibility within hybrid clouds remains inadequate. Three-quarters of respondents agree on the critical importance of East-West (lateral) visibility over North-South, yet only 40 percent have achieved it, a decrease from 48 percent in 2023. This visibility gap is especially pronounced in the UK (30 percent), while nearly half of respondents in Australia and Singapore report better visibility.
Encryption adds another layer of challenge. Despite research indicating that 93 percent of malware hides in encrypted traffic, an astonishing 76 percent of respondents trust that encrypted traffic is secure.
The Imperative of Deep Observability
More than 80 percent of survey participants agree that unified visibility into hybrid cloud infrastructures, which provides network-derived intelligence to log-based security tools, is essential for preventing attacks. Additionally, six in ten believe that comprehensive visibility into all data in motion is crucial for the secure deployment of AI technologies. Consequently, 80 percent consider deep observability a board-level priority.
Security leaders universally recognise the importance of deep observability for secure and efficient AI deployments. In Australia, 84 percent of respondents see a strong link between deep observability and the implementation of Zero Trust principles. As regulatory environments increasingly demand board-level accountability for security postures, cloud security efforts are gaining prominence in C-suites. In Australia, 89 percent of respondents affirm that cloud security is a board priority.
CISOs: The Bearers of Cybersecurity Burdens
The survey also sheds light on the pressures faced by CISOs. With 234 CISOs participating globally, the data reveals that they continue to bear the brunt of regulatory and technological challenges. Fifty-nine percent report that elevating cyber risk to a board priority would empower them most. However, 69 percent struggle to detect encrypted threats, and 70 percent believe their tools are inadequate for breach detection. Furthermore, three-quarters of CISOs find their security teams overwhelmed by extensive tool stacks, a figure 11 percent higher than their C-suite counterparts.
A Call to Action
Mark Jow, EMEA Technical Evangelist at Gigamon, emphasised the urgency of the situation: “Cyber risk is firmly in the spotlight this year, with governments and boardrooms finally recognising its place at the very top of the business risk register. And yet cybercriminals are evading detection over a third of the time. Today’s MELT-based (Metrics, Events, Logs, and Traces) approaches are no longer enough, as organisations need 360-degree visibility across the hybrid cloud. Whether organisations are fending off AI-powered attacks, integrating AI-powered solutions into hybrid cloud environments, or seeking to establish Zero Trust, deep observability is fundamental to success.”
Chaim Mazal, CSO at Gigamon, echoed this sentiment: “It is clear for CISOs that organisations’ tool stacks are falling short. Security leaders are under pressure from governments to reduce cyber risk. But without real-time, network-derived intelligence and insights into all data in motion, including East-West and encrypted traffic, bad actors will continue to wreak havoc, now with AI accelerating their efforts.”
Conclusion
The 2024 Hybrid Cloud Security Survey by Gigamon, conducted in collaboration with Vitreous World, underscores the critical need for organisations to enhance their cybersecurity strategies. As hybrid cloud environments evolve and cyber threats become more sophisticated, deep observability emerges as a cornerstone of effective security measures. The survey’s findings serve as a clarion call for security and IT leaders to prioritise comprehensive visibility and robust detection mechanisms to safeguard against the ever-evolving landscape of cyber threats.
https://www.gigamon.com/resources/resource-library/white-paper/wp-gigamon-survey-hybrid-cloud-security-2024.html
