Blind Spots in the Hybrid Cloud

Blind spots in the hybrid cloud

Large gap between perception and reality of cyber security. 93 percent of respondents expect rise in attacks on cloud security.

Gigamon‘s annual report on current trends around hybrid cloud security shows that while confidence in hybrid cloud security appears high on the surface, 94 per cent of global respondents said their security tools and processes provide complete visibility and insight into IT infrastructures. In reality, however, almost a third of security incidents are not detected by IT and security professionals.

Incidents are often detected late

Within the last 18 months, 90 percent of the respondents had to report a security incident. The problem: 31 percent of the incidents were only detected after they had occurred and initially went unnoticed by security and monitoring tools. These security breaches were only detected when corporate data appeared on the dark web, files became inaccessible or the application experience deteriorated due to slow applications (mostly due to DoS or ongoing data exfiltration). This percentage rises to 48 per cent in the US and 52 per cent in Australia.

The good news is that hybrid collaboration is on the rise in IT. 96 percent of IT and security executives worldwide believe that responsibility for cloud security should be shared among all stakeholders. Almost all respondents (99 percent) are also convinced that CloudOps and SecOps share common goals. Nevertheless, there is still much work to be done, because while CloudOps appears to be leading the strategy, 99 percent of respondents complain about the lack of a security-first culture. This means that vulnerability detection is still an isolated task for SecOps teams.

Zero Trust and Deep Oberservability

Around half of respondents say that Zero Trust is critical to their confidence in their organisation’s security. In practice, however, many teams do not have the visibility to enable Zero Trust. However, all respondents confirm the value of Deep Observability in building a solid foundation for Zero Trust. Deep Observability extends the power of metric, event, log and trace (MELT) based security and monitoring tools with real-time information from the network.