One-Third of Security Breaches Undetected by IT and Security Pros

Survey Exposes Global Misconceptions on Hybrid Cloud Blind Spots, Despite High Predictions of Increased Cloud Security Attacks

Gigamon, a leader in deep observability, has released its Hybrid Cloud Security trends report, revealing a significant disparity between organizations’ perceived security and the actual reality of cyberthreat protection. Despite a surface-level confidence in hybrid cloud security, with 94 percent of global respondents believing their security tools provide complete visibility into their IT infrastructure, nearly one-third of security breaches go unnoticed by IT and Security professionals.

The report highlights that 74 percent of organizations now operate in the hybrid cloud, a configuration considered the norm by Forrester analysts. However, this setup introduces several security concerns, as indicated by the survey. An overwhelming 93 percent of respondents anticipate an increase in cloud security attacks, and 90 percent have experienced a breach within the past 18 months. Alarmingly, 31 percent of breaches are identified only after the fact, rather than proactively using security and observability tools. These breaches are often discovered through data appearing on the dark web, inaccessible files, or users experiencing slow application performance.

While there is an increasing emphasis on collaboration between CloudOps and SecOps teams, with 99 percent of respondents recognizing cloud security as a shared responsibility, more needs to be done. Despite CloudOps taking the lead on strategy, a lack of security-first culture results in vulnerability detection being siloed within the SecOps team.

The report also identifies unexpected blind spots, legislation, and attack complexity as top stressors for IT and security leaders. Concerns over cyber investment and the skills gap are relatively low. Additionally, blind spots in hybrid cloud infrastructure were acknowledged by respondents, including limited visibility into encrypted data and container insights. Despite flagging blind spots as a leading concern, one-third of CISOs and 50 percent of other IT and Security leaders lack confidence in knowing the location and security of their most sensitive data.

Zero Trust emerges as a priority among IT and Security leaders, with 87 percent of global respondents reporting open discussions about Zero Trust at the board level, a significant increase compared to the previous year. However, many teams lack the visibility necessary to enable the Zero Trust framework. The UK, US, and Australia lead in achieving visibility for Zero Trust, while France, Germany, and Singapore lag behind. Deep observability, which incorporates real-time, network-derived intelligence, is recognized as crucial for building a foundation for Zero Trust and is considered an important element of cloud security by 97 percent of respondents.

The report concludes that organizations need to prioritize deep observability and move beyond traditional security approaches to successfully advance on their Zero Trust journeys and address critical visibility gaps. By securing their hybrid cloud infrastructure and embracing deep observability, organizations can bolster their security posture and mitigate the headaches caused by these visibility gaps.