Organizations are struggling to detect increasingly sophisticated breaches, with over one-third reporting their security tools fail to identify breaches, according to Gigamon.

As hybrid cloud environments grow, 65% of respondents doubt their solutions’ effectiveness. Cloud complexity and AI-powered attacks increase cyber risks, with 83% citing cloud complexity as a concern. Despite projected global information security spending of $215 billion in 2024, only 54% feel well-prepared for unauthorized access in hybrid clouds.

Threat detection tools are acknowledged as weak. Only 25% remediated a recent live threat, with Germany at 30% and Australia/Singapore at 20%. Breach detection often occurs post-extortion threat (31%) or dark web data leaks (31%), rising to 42% in Australia.

Root cause analysis is lacking, with 25% failing to identify breach origins, increasing to 33% in Australia, Singapore, and the US. Complex hybrid cloud infrastructure and poor East-West visibility contribute to control issues. Although 85% prioritize cloud security at the board level, only 40% have East-West traffic visibility, down from 48% in 2023.

Encryption is another blind spot. Despite 93% of malware hiding in encrypted traffic, 76% trust encrypted traffic’s security. Tool strategies are critical, with 80% agreeing that unified visibility into hybrid cloud infrastructure is essential. Greater data-in-motion visibility is seen as key to deploying AI securely.

CISOs face heavy burdens, with 59% needing cyber risk as a board priority and 69% struggling with encrypted threats. Seventy percent believe their tools are inadequate, and 75% report their teams are overwhelmed by tool stacks.

Gigamon’s data is based on an online survey of 1,033 global respondents.

For additional context:

“Cyber risk is now top of the business risk register, yet over a third of breaches go undetected,” said Mark Jow, EMEA Technical Evangelist at Gigamon. “MELT-based approaches are insufficient; organizations need 360-degree visibility in hybrid clouds.”

“Tool stacks are falling short,” said Chaim Mazal, CSO at Gigamon. “Without real-time, network-derived intelligence into all data in motion, including East-West and encrypted traffic, AI-powered attackers will continue causing damage.”

CISOs bear significant regulatory and technological pressures, with 69% struggling to detect encrypted threats and 70% questioning tool effectiveness. Detection challenges and overwhelming tool stacks highlight the need for better security strategies.