Gigamon Sound Alarm on Cloud Security as Unseen Attacks Soar

Undetected breaches are rising by 20% year on year, according to an alarming new report from deep observability company Gigamon.

The cloud is one of the main suspects in the statistics, according to the company's 2024 Hybrid Cloud Security Survey, as organisations worldwide are finding the diffusion of their data a hurdle in being able to detect and respond to cyber threats effectively. 

The annual survey, which polled over 1,000 Security and IT leaders across six countries, shows a year-on-year decline in detection and response capabilities compared to Gigamon's 2023 report.

One in three organisations were found unable to detect a breach in the last 12 months, and only 25 % capable of responding in real-time. 

This highlights the growing challenge of maintaining robust cybersecurity measures in an increasingly complex digital landscape.

Unseen cyber attacks

As data is scattered across on-premises, public cloud, and private cloud platforms, the intricacies of the networks have made maintaining comprehensive visibility and control becomes increasingly difficult. 

83 % of respondents believe that cloud complexity is increasing their cyber risk. This sentiment is further compounded by the looming threat of AI-powered cyber attacks, with 82 % of respondents predicting an increase in global ransomware threats.

Only 40% of respondents reported having visibility into East-West (lateral) traffic, a decrease from 48% in 2023, although three-quarters of respondents agree that East-West (lateral) visibility is more important to cloud security than North-South.

While North-South traffic monitoring remains important for perimeter security, the nature of modern data centres and cloud environments has shifted the focus towards gaining comprehensive visibility into East-West traffic flows. However, 76% of respondents currently trust that encrypted traffic is secure. 

Chaim Mazal, CSO at Gigamon, emphasised the gravity of the situation, stating, “It is clear for CISOs that organisations’ tool stacks are falling short."

Organisations understand the growing threat level this increase in attack surface, diffusion of data and AI augmentation of attacks will bring, with information security spending is projected to reach US$215bn in 2024.

Yet the survey showed that 65% of respondents believe their existing security tooling cannot effectively detect breaches.

Challenges in securing hybrid cloud 

Currently, there exists security solutions for securing hybrid cloud environments. Yet, these come with their own set of challenges. 

Ensuring data security and compliance as data moves between different cloud environments, implementing consistent identity and access management controls; securing east-west traffic between workloads, and integrating security tools from multiple vendors to achieve interoperability across the hybrid environment mean organisations have a lot more work to do in order to remain secure.

Yet, in a sector with perennial staffing shortages, this poses problems. 

Equally, while major cloud providers and cybersecurity vendors offer various tools and services to securing a business’ operations, organisations typically need to implement a multi-layered security approach by integrating solutions from different providers to achieve a robust security posture across their hybrid cloud infrastructure. Again, posing an issue into a unified and comprehensive overview of security. 

Mark Jow, EMEA Technical Evangelist at Gigamon, emphasised the need for comprehensive visibility, stating, "Whether organisations are fending off AI-powered attacks, integrating AI-powered solutions into hybrid cloud environments, or seeking to establish Zero Trust, deep observability is fundamental to success."

As cyber threats continue to evolve and become more sophisticated, the study highlights how  maintaining visibility and detection capabilities is crucial to staying ahead of threat actors and protecting valuable assets. 

******

Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Cyber Magazine is a BizClik brand