Undetected Breaches Rise by 20 Percent: Survey

New research shows 1 in 3 organizations were unable to detect a breach in the last 12 months, with just 25 percent able to respond in real time, revealing a cybersecurity preparedness gap.

The Gigamon 2024 Hybrid Cloud Security Report, an annual survey of over 1,000 Security and IT leaders across Australia, France, Germany, Singapore, UK, and the USA, shows a decline in detection and response capabilities year-on-year (YoY) compared to the company’s 2023 Hybrid Cloud Security Report.

As hybrid cloud environments grow in complexity and threat actors launch a barrage of concealed attacks, 65 percent of respondents believe their existing security tooling cannot effectively detect breaches.

The spectre of AI-powered cyber attacks looms globally, with 82 percent of respondents predicting that AI will increase the global ransomware threat. And yet, despite global information security spending projected to reach US$215 billion in 2024, only half (54 percent) of organizations feel “strongly prepared” to respond to unauthorized access to their hybrid cloud environments.

The results highlight that CISOs continue to bear the burden of regulatory and technological pressures, with 69 percent of CISOs reporting they struggle to detect encrypted threats, compared to 59 percent of the total respondents. 

An alarming 70 percent of CISOs believe their tools aren’t as effective as they could be in detecting breaches, and as a result 59 percent say they would be most empowered by cyber risk becoming a boardroom priority.

Most organizations report critical visibility gaps. The complexity of modern hybrid cloud infrastructure contributes to organizations’ lack of control. 

Three-quarters of respondents agree that East-West (lateral) visibility is more important to cloud security than North-South, yet just 40 percent have visibility into East-West traffic, down from 48 percent in 2023.

Encrypted traffic poses another serious blind spot. Although 83 percent describe gaining visibility into encrypted traffic as a priority, a shocking 76 percent currently trust that encrypted traffic is secure.

Organizations are unprepared for today’s sophisticated attacks. Survey respondents generally acknowledge weaknesses in their tool stack for threat detection. Just 25 percent were able to remediate a live threat in a recent breach.

When tooling fails, organizations suffer more serious consequences, with 31 percent of organizations only detecting a recent breach once they received an extortion threat from the adversary; 31 percent became aware of the breach when proprietary information leaked onto the dark web.

Of greater concern is that 25 percent of respondents ultimately failed to determine the root cause of the breach.

“It is clear that organizations’ tool stacks are falling short, enabling threat actors to exploit blind spots to breach and extort their victims without fear of detection,” said Chaim Mazal, CSO at Gigamon.

“Consider that just 1 in 4 organizations can detect and remediate a live threat. Without realtime, network-derived intelligence and insights into all data in motion, including East-West and encrypted traffic, bad actors will continue to wreak havoc, now with AI accelerating their efforts.”