Sixty-one percent of IT decision-makers in the U.K. cite blind spots as a major obstacle to data protection.
Gigamon has published the results of a commissioned survey, “Hide and Seek: Cybersecurity and the Cloud,” conducted by Vanson Bourne, an independent market research company. The survey polled information technology (IT) and security decision-makers in the U.K., Germany and France about their cloud security preparedness, network visibility issues and EU General Data Protection Regulation (GDPR) readiness. All percentages here reflect survey results from the U.K. respondents. The results of this survey demonstrate that lack of visibility is leaving organisations struggling to identify network data and investigate suspicious network activity tied to malicious attacks. Sixty-one percent of respondents cited network “blind spots” as a major obstacle to effective data protection while 41 percent of those, who do not have complete visibility of their network, reported that they lacked sufficient information to identify threats.
Survey findings pinpoint three root causes of data blindness that are posing network security risks:
The increasing speed and growth of network traffic stresses monitoring and security tools, which are not adept at handling large amounts of traffic. Sixty-seven percent of respondents report that they have not scaled their monitoring and security infrastructure to meet the needs of increased data volume.
High value information is being migrated to the cloud, where security is limited and application data is not easily accessible. Eighty-percent of respondents believe that cloud security is a concern holding their organisation back from adopting the latest technologies. When asked what types of information they are moving to the cloud, 68 percent of respondents reported day-to-day work information and 39 percent cited critical and proprietary corporate information. A large amount of network data remains hidden due to data and tools still being segmented by organisational boundaries. IT and security decision-makers are not able to quickly identify and address threats and security events. Seventy percent of respondents report that because different network data is being utilised between NetOps and SecOps teams, there is no consistent way of accessing it nor understanding it. Forty-five percent of respondents, who do not have complete visibility over their network, report they did not possess information on what is being encrypted in the network.
Network blind spots go hand-in-hand with the lack of readiness for GDPR. Sixty-seven percent of respondents agree that lack of visibility over data makes GDPR difficult. Fifty-eight percent report they do not have a robust GDPR strategy in place with U.K. respondents stating that they have dedicated 20 percent of their IT budget, on average, for GDPR. The lack of GDPR readiness may be a cause for concern as the regulations come into effect May 2018 with heavy fines issued for non-compliance.
“Today’s attackers have the advantage as cybercrime is a thriving economy and attacks are focused on infiltrating the network and stealing important company information,” said Ananda Rajagopal, vice president of products at Gigamon. “More worrisome is how this will impact U.K. organisations’ ability to comply with GDPR requirements. It is imperative for enterprises to adopt a visibility platform that provides visibility and control of their network traffic, and one that’s integrated with their security tools to accelerate threat detection and improve efficiencies.”