Security organizations are facing increasing challenges in detecting breaches, with more than a third of organizations reporting that their existing security tools were ineffective in detecting breaches when they occurred, according to a recent report by Gigamon.
The complexity of hybrid cloud environments and the evolving tactics of malicious actors have created a significant hurdle for organizations. Sixty-five percent of respondents believe that their current solutions are not capable of effectively detecting breaches in the face of unseen attacks.
A survey of security and IT leaders revealed that 83% of respondents view cloud complexity as a factor that increases their cyber risk. The looming threat of AI-powered attacks adds to the urgency of the situation, with 8 out of 10 respondents expressing concerns about the potential impact of AI on global ransomware threats.
Despite a projected global information security spending of $215 billion in 2024, only 54% of organizations feel fully prepared to respond to unauthorized access in hybrid cloud environments. The survey also highlighted weaknesses in threat detection tools, with only a quarter of respondents able to remediate a live threat during a recent breach.
Interestingly, 31% of organizations were only alerted to a breach when they received an extortion threat from the adversary, while 31% became aware once proprietary information was leaked onto the dark web. The failure to determine the root cause of breaches was also a significant issue, with a quarter of respondents unable to pinpoint the source of the breach.
The lack of visibility into hybrid cloud infrastructure was identified as a key contributing factor to organizations’ struggles with breach detection. Despite 85% of respondents identifying cloud security as a boardroom priority, only 40% have visibility into East-West traffic, a crucial aspect of cloud security.
Encryption emerged as another critical blind spot for organizations, with 76% of respondents expressing trust in encrypted traffic security, despite the prevalence of malware attacks hiding in encrypted traffic. The need for unified visibility into hybrid cloud infrastructure was highlighted as a crucial strategy to prevent attacks, with 80% of respondents emphasizing the importance of network-derived intelligence for security tooling.
The survey results also shed light on the challenges faced by Chief Information Security Officers (CISOs), with 59% of CISOs emphasizing the importance of cyber risk becoming a board priority. Furthermore, 69% of CISOs reported struggling to detect encrypted threats, and 70% believed that their tools were not as effective as they could be in detecting breaches.
Overall, the findings of the survey underscore the increasing complexity and sophistication of cybersecurity threats faced by organizations. With cyber risk becoming a top priority for governments and boards, the need for comprehensive visibility, real-time intelligence, and effective threat detection tools is more critical than ever to combat evolving security threats in hybrid cloud environments.