Global survey reveals growing inadequacies in cyber threat response
A recent survey conducted by Gigamon has highlighted significant challenges faced by security leaders globally in managing growing cyber threats and breaches. The 2024 Hybrid Cloud Security Survey indicates an alarming increase of 20% in undetected breaches over the past year.
Gigamon's survey involved over 1,000 Security and IT leaders across six countries: Australia, France, Germany, Singapore, the UK, and the USA. The findings point to a concerning decline in organisational capabilities to detect and respond to cyberthreats. Notably, only 25% of surveyed organisations could detect and respond to breaches in real time.
According to the report, 65% of respondents believe their existing solutions are inadequate for effectively detecting breaches. Australia's situation appears particularly dire, with half of the respondents stating that they only realised a data breach had occurred when users were unable to access applications and digital resources.
Security and IT leaders are also worried about the rising threat of artificial intelligence-powered attacks. A substantial 83% of respondents believe that cloud complexity heightens cyber risk, and eight in ten predict AI-driven threats will escalate the global ransomware landscape. Despite forecasts of global information security spending reaching USD $215 billion in 2024, just 54% of organisations feel adequately prepared to tackle unauthorised access within hybrid cloud environments.
The survey revealed that 76% of Australian respondents have previously experienced a data breach, slightly above the global average of 73%. Significant gaps in threat detection capabilities persist, with only 25% of respondents able to effectively remediate live threats during a breach. This figure falls to just 20% for respondents in Australia and Singapore.
Compounding these challenges, 31% of organisations only detected breaches when they received extortion threats from cyber adversaries. A similar percentage became aware of breaches when proprietary information leaked onto the dark web, with this issue being particularly acute in Australia, where the figure is 42%. Furthermore, 25% of respondents failed to determine the root cause of breaches, rising to one-third in Australia, Singapore, and the USA.
The survey highlights critical visibility gaps in hybrid cloud infrastructure, with 85% of respondents identifying cloud security as a boardroom priority. Yet, only 40% have visibility into East-West traffic, a decline from 48% in 2023. Lateral visibility remains particularly low in the UK, where only 30% of respondents reported sufficient visibility.
Encryption has emerged as another blind spot, as 93% of malware attacks reportedly hide within encrypted traffic. Despite this, 76% of survey participants mistakenly trust encrypted traffic to be secure.
Deep observability is being increasingly recognised as essential to modern IT success. More than 80% of respondents agree that unified visibility across hybrid cloud infrastructure is vital for preventing attacks. Additionally, 60% believe improved visibility into all data in motion would significantly bolster the secure deployment of AI technology. In Australia, 89% of respondents see cloud security as a board-level concern, reflecting high levels of awareness about the risks involved.
Mark Jow, EMEA Technical Evangelist at Gigamon, noted, "Cyber risk is firmly in the spotlight this year, with governments and boardrooms finally recognising its place at the very top of the business risk register. And yet cybercriminals are evading detection over a third of the time. Today's MELT-based (Metrics, Events, Logs, and Traces) approaches are no longer enough, as organisations need 360-degree visibility across the hybrid cloud."
The survey also shed light on the experiences of Chief Information Security Officers (CISOs). A significant proportion, 59%, feel most empowered when cyber risk is a board priority. However, 69% struggle with detecting encrypted threats, and three-quarters report their security teams are overwhelmed by sprawling tool stacks.
Chaim Mazal, Chief Security Officer at Gigamon, commented on the survey findings, stating, "Security leaders are under pressure from governments to reduce cyber risk. But without real-time, network-derived intelligence and insights into all data in motion, including East-West and encrypted traffic, bad actors will continue to wreak havoc, now with AI accelerating their efforts."