GUEST RESEARCH: In a stark reminder of the ever-evolving cyber threat landscape, Gigamon, a leader in deep observability, has released its 2024 Hybrid Cloud Security Survey. The findings paint a concerning picture: organisations worldwide remain unprepared for sophisticated cyber threats, with a notable increase in undetected breaches. The annual survey, which gathered insights from over 1,000 Security and IT leaders across Australia, France, Germany, Singapore, the UK, and the USA, indicates a significant decline in detection and response capabilities compared to the previous year.
Growing complexity and cyber risks
The survey highlights that as hybrid cloud environments become more complex, bad actors are exploiting these intricacies to launch increasingly sophisticated attacks. A staggering 65% of global respondents admitted that their current solutions are ineffective in detecting breaches. In Australia, half of the respondents could only identify a breach when users reported issues accessing applications and digital resources.
The alarming rise of undetected breaches
Security and IT leaders find themselves at a critical juncture, with 83% acknowledging that the complexity of cloud environments heightens their cyber risk. The looming threat of AI-powered attacks is a major concern, with eight in ten respondents predicting an escalation in global ransomware incidents due to AI. Despite a projected global information security expenditure of $215 billion in 2024, only 54% of organisations feel “strongly prepared” to counter unauthorized access in hybrid cloud settings.
Global unpreparedness for cyber attacks
Australia seems particularly vulnerable, with 76% of respondents reporting a data breach in the past year, slightly above the global average of 73%. The survey reveals glaring weaknesses in threat detection tools, with only one in four organisations able to remediate a live threat during a recent breach. This capability varies by region, peaking at 30% in Germany but dropping to just 20% in Australia and Singapore.
When detection tools fail, the consequences are severe:
31% of organisations only detected a breach upon receiving an extortion threat from the adversary.
31% realised they had been breached only after their proprietary information surfaced on the dark web, with this figure soaring to 42% among Australian respondents.
25% of respondents were unable to pinpoint the breach’s origin, a number that rises to one-third in Australia, Singapore, and the US.
Visibility gaps in hybrid cloud security
The survey underscores that complex hybrid cloud infrastructures contribute to a significant lack of control and visibility. Despite 85% of respondents identifying cloud security as a boardroom priority, only 40% have visibility into East-West (lateral) traffic within their networks, a drop from 48% in 2023. This lateral visibility is crucial for effective threat detection and is lowest in the UK at 30%, while nearly half of respondents in Australia and Singapore report better visibility.
Encryption presents another challenge, as 76% of respondents mistakenly believe encrypted traffic is inherently secure, despite evidence that 93% of malware hides within such traffic.
Deep observability: A key to modern cybersecurity
More than 80% of respondents agree that unified visibility into hybrid cloud infrastructure, combining network-derived intelligence with log-based security tools, is essential for preventing attacks. Six in 10 believe that better visibility into all data in motion will enable secure AI technology deployments. Consequently, deep observability has become a top priority at the board level.
In Australia, 84% of respondents see a strong connection between deep observability and the implementation of Zero Trust strategies. With regulatory environments increasingly emphasising board-level accountability for security, cloud security efforts are gaining prominence in C-suites. An overwhelming 89% of Australian respondents view cloud security as a board priority.
“Cyber risk is firmly in the spotlight this year, with governments and boardrooms finally recognising its place at the very top of the business risk register. And yet, cybercriminals are evading detection over a third of the time,” commented Gigamon EMEA technical evangelist Mark Jow. “Today’s MELT-based (Metrics, Events, Logs, and Traces) approaches are no longer enough, as organisations need 360-degree visibility across the hybrid cloud. Whether organisations are fending off AI-powered attacks, integrating AI-powered solutions into hybrid cloud environments, or seeking to establish Zero Trust, deep observability is fundamental to success.”
CISOs: The frontline guardians
The survey also gathered insights from 234 chief information security officers (CISOs) globally, highlighting the immense pressure they face. About 59% of CISOs feel most empowered when cyber risk is treated as a board priority. However, 69% struggle with detecting encrypted threats, compared to 59% of the total respondents. Alarmingly, seven in ten CISOs believe their tools are ineffective at detecting breaches. Additionally, three-quarters of CISOs report their security teams are overwhelmed by the sheer volume of tools they must manage, a sentiment shared by 11% more CISOs than their C-suite counterparts.
“It is clear for CISOs that organisations’ tool stacks are falling short,” said Gigamon chief security officer (CSO) Chaim Mazal. “Security leaders are under pressure from governments to reduce cyber risk. But without real-time, network-derived intelligence and insights into all data in motion, including East-West and encrypted traffic, bad actors will continue to wreak havoc, now with AI accelerating their efforts.”
Survey methodology
The 2024 Hybrid Cloud Security Survey was commissioned by Gigamon and conducted in collaboration with Vitreous World. The data is based on responses from an online survey of 1,033 global participants, conducted from 22 March to 6 April 2024.
