Although global spending on information security is expected to reach $215 billion in 2024, 44% of CISOs surveyed reported that they were unable to detect a data breach in the past 12 months using current security tools, according to Gigamon.
Blind spots undermine breach detection
CISOs identified blind spots as a key issue, with 70% of CISOs stating that their current security tools are not as effective as they could be when it comes to detecting breaches due to limited visibility.
Modern cybersecurity is about distinguishing between acceptable and unacceptable risks, says Haim Mazal, chief organizations officer at Gigamon. “Our research shows where IT managers draw this line, highlighting the critical importance of visibility into all data in motion to secure complex hybrid cloud infrastructure against today's emerging threats. It is clear that current approaches are not keeping pace, which is why CISOs must re-evaluate their data sets.” tools and reprioritize investments and resources to secure their infrastructure with greater confidence.
Blind spots across hybrid cloud infrastructure are a top concern for 8 out of 10 IT managers, with 81% agreeing that cloud security depends on having complete visibility of all data in motion. This includes visibility into both east and west side traffic and encrypted traffic, where 93% of today's malware hides, creating the perfect opportunity for cybercriminals to infiltrate the network. As a result, gaining visibility into encrypted traffic was listed as a priority for 84% of CISOs.
Overinvestment in new security tools has left security teams struggling with sprawling tool sets. Combined with the increasing costs associated with storing and managing data, IT managers are under tremendous pressure to improve their current security investments. 76% of IT managers report feeling overwhelmed by the increasing volume of threats detected from an increasing number of tools on an increasing number of assets. As a result, 6 in 10 CISOs list integrating and improving tools as their top priority for addressing blind spots.
Artificial intelligence raises concerns among CISOs
IT managers are increasingly concerned about the potential for AI to fuel the growth of global ransomware threats, with 83% expecting a significant impact in the next year. While deepfakes have received a lot of attention, a more immediate threat is the scale and quality of cyberattacks that artificial intelligence can enable. AI empowers novice attackers by providing them with advanced capabilities and accelerating the detection of exploitation techniques, underscoring the need for greater and more comprehensive visibility. 46% of IT managers will use security automation and apply AI to address visibility gaps.
As IT managers evaluate increasingly complex hybrid cloud environments, increased visibility is a common goal, with 82% agreeing that deep observability — the ability to deliver network-derived information and analytics to cloud, security, and observability tools — is a key component of cloud security.
Deep monitoring capability goes beyond traditional monitoring, providing real-time insights into all network traffic based on network telemetry, including encrypted data and lateral traffic. This comprehensive view is critical to identifying and mitigating cyber threats in real time, which is why 85% of IT managers agree that access to package-level data and rich application metadata can unlock deeper insights, strengthening their security posture.
This comprehensive view is also important to the boardroom, as 81% of chief CISOs report that their boards are discussing deep observability as a priority to better secure and manage hybrid cloud infrastructure, reinforcing its importance for 2025 budget planning.
“Today’s IT managers understand that security and observability are intrinsically linked,” said Stephen Elliott, group vice president of IT Operations, Observability and CloudOps at IDC. “The network provides a critical layer of context that can inform security operations and vice versa, which is why modern security teams leverage network-derived information and insights to understand the true impact of a threat and prioritize their responses accordingly.”
