Proactively eliminating blind spots in the midst of threat

IT leaders are currently facing a hybrid cloud security conundrum. While the hybrid cloud market is going through impressive growth, the multiple benefits around the agility and scalability that come with hybrid cloud infrastructure are paired with serious concerns about its security.

Recently Gigamon surveyed over 1,000 IT and security leaders across the globe and found that 93% predict an uptick in cloud-based attacks. Despite this, half are either confident or completely confident that they are secure within their own hybrid cloud infrastructure.

Perhaps this confidence is a result of the growing collaboration: our data shows that in the vast majority of organisations (99 %), CloudOps and SecOps are now working towards a common goal, and it’s actually CloudOps that are leading on a security strategy for most (69%).

Yet everything is not as it seems for hybrid cloud security: 99% of respondents claim that a lack of a security-first culture means vulnerability detection is often siloed to the SecOps team, and many lack one crucial component — deep observability.

In fact, we’ve identified that critical blind spots from cloud to on-premises are undeniable, underestimated, and misunderstood.
So, are security leaders blind to blind spots?

We define blind spots as segments across a network and cloud where security and monitoring tools may not reach, meaning data cannot be sufficiently collected and analysed; therefore, areas become hidden from view.

Any IT or security professional will recognise that this must be avoided at all costs to ensure hybrid cloud security, as we simply cannot manage and protect what we cannot see.

In fact, our research shows that unexpected blind spots being exploited is the leading stressor for IT and security leaders across the globe, acknowledged by over half we spoke to (56%).

Respondents also highlight several areas where visibility doesn’t go far enough. 70% of surveyed claimed their organisations enable encrypted data to flow freely, despite reports showing 93% of malware hides behind encryption.

Furthermore, 35% have limited sight into containers, and just under half (48%) have visibility across east-west traffic (data moving laterally). It seems there is an underestimation of exactly what a blind spot consists of and the dangers of leaving segments of the hybrid cloud infrastructure unobserved.

The outcome? Nearly one in three breaches are going undetected by IT and security professionals and their tools. This statistic rises to a concerning 52% in Australia and 48 % in the U.S.

These unrecognised blind spots are part of a wider trend in the data indicating that many IT and security leaders’ perception of their hybrid cloud security doesn’t match reality.

While surface-level confidence is high, with 94% of global respondents stating their security tools and processes provide them with complete visibility, the reality is that one-third of CISOs lack confidence about where their most sensitive data is stored and how it is secured.

And while this is a global issue, the perception-versus-reality gap is exemplified in Singapore: more than a quarter (26%) of respondents have unwavering confidence that they’re completely secure, yet 43% admit limited container visibility, and all have suffered a data breach in the last nine months.

Clearly, traditional security and monitoring tools are not going far enough, and it’s critically important that CISOs and their teams look to achieving deep observability by harnessing actionable network-derived intelligence to amplify the power of these tools to eliminate blind spots from on-premises and the cloud.

Only then we will see steps to successfully solve the hybrid cloud conundrum, eradicate blind spots, and close the gap between hybrid cloud security perception and reality.