CISOs prioritise visibility into data-in-motion security

Global Chief Information Security Officers (CISOs) are prioritising enhanced visibility into data-in-motion, as per a new survey by Gigamon, amid tightening budgets and rising cyber threats.

The "CISO Insights: Closing the Cybersecurity Preparedness Gap" report, based on responses from 234 CISOs across six countries, highlights an ongoing struggle for organisations to keep pace with cybercriminal activity. This concern remains prevalent even as global information security spending is expected to reach USD $215 billion in 2024.

In Australia, 39 percent of security teams reported being unable to detect a data breach with their current tools over the past 12 months. Globally, nearly half of the surveyed CISOs faced similar challenges, emphasizing blind spots as a critical issue. According to the survey, 70 percent of CISOs believe their existing security tools fall short in providing adequate breach detection due to these blind spots.

Chaim Mazal, Chief Security Officer at Gigamon, stated, "Modern cybersecurity is about differentiating between acceptable and unacceptable risk. Our research shows where CISOs are drawing that line, highlighting the critical importance of visibility into all data-in-motion to secure complex hybrid cloud infrastructure against today's emerging threats. It's clear current approaches aren't keeping pace, which is why CISOs must reevaluate tool stacks and reprioritize investments and resources to more confidently secure their infrastructure."

The need for comprehensive visibility into data-in-motion is a significant focus area for CISOs. Eighty-one percent acknowledge the dependence of cloud security on such visibility, primarily due to 93 percent of malware concealing itself within encrypted and lateral network traffic. In Australia, 92 percent of respondents expressed agreement on the necessity of visibility into encrypted traffic.

Overwhelmed by existing tool stacks, CISOs are opting for optimisation of current security investments over new acquisitions. Seventy-six percent indicated they are swamped by the volume of detected threats resulting from numerous tools monitoring an increasing number of assets. Consequently, 60 percent of respondents cited tool consolidation and optimisation as top priorities.

The survey also indicates a rising concern about AI-fuelled cyber threats. Eighty-three percent of CISOs anticipate a significant impact from AI-driven ransomware in the near future and consider AI both a challenge and a necessity for enhancing cybersecurity postures. In Australia, 51 percent of security leaders plan to implement AI solutions to address visibility gaps.

Achieving deep observability within cloud infrastructure is crucial, as 82 percent of surveyed CISOs agreed. This entails obtaining real-time network traffic insights, including those involving encrypted and lateral data, to strengthen security through enriched intelligence and analysis. Eighty-five percent valued access to packet-level data for better identifying and mitigating threats.

The demand for deep observability has reached the boardroom, according to 81 percent of CISOs who report their boards are prioritising the topic for enhanced security management and visibility in hybrid cloud settings.

Stephen Elliott, Group Vice President, IT Operations, Observability, and CloudOps at IDC, commented, "Today's CISOs recognize that security and observability are intrinsically connected. The network provides a crucial layer of context that can inform security operations and vice versa, which is why modern security teams are leveraging network-derived intelligence and insights to understand the true impact of a threat and prioritize their responses accordingly."