Deep observability required to fight sophisticated security threats - report
Gigamon, the deep observability company, has announced the findings of a new research study from IDC, conducted with more than 900 IT leaders from around the world, which offers CIOs, CISOs, and their IT organisations invaluable insights to drive performance, protection, and productivity with observability across their digital infrastructures.
The IDC White Paper also affirms that harnessing the power of network-derived intelligence and insights is critical in detecting today's increasingly sophisticated security threats across hybrid and multi-cloud infrastructure.
With 95% of organisations claiming to have experienced a ransomware attack in 2022, security remains top of mind for IT leaders regardless of their industry.
According to the IDC White Paper, more than 60% of respondents believe that today's observability solutions serve narrow requirements and fail to provide a complete view of current operating conditions.
To address today's rapidly evolving security requirements, enhancing traditional observability capabilities that rely on metrics, events, logs, and traces (MELT) with real-time network-derived intelligence and insights is essential to mitigate security risks across hybrid and multi-cloud infrastructure, the researchers state.
Only with this deep observability can organisations find the greatest value from observability across both on-premises systems and cloud services, core and edge components, and cybersecurity functions.
Mark Leary, Research Director with IDC, comments, "Networking, cybersecurity and observability are becoming intertwined. IT organisations are looking to leverage an immutable source of truth and more collaborative management efforts to break down siloed technology approaches, position themselves for long-term success, and, ultimately, deliver the best possible business outcomes.
"Deep observability must be prioritised as IT organisations look to fully realize the transformational promise of a resilient and responsive digital infrastructure and continually maintain a strong security posture to meet today's digital business requirements."
Key findings include the following:
- The top cited benefits of observability include security (34%), staff productivity (33%), and digital/user experience (25%). Observability also delivers a mix of both tactical (e.g., resolution, continuity, tracking) and strategic (e.g., experience, governance, innovation) benefits.
- More than 75% of organisations use or plan to use deep observability solutions to support automation efforts in future years. Deep observability can enable a hierarchical platform-based approach in which detailed data and artificial intelligence (AI)/machine learning (ML) - driven analysis can produce a single source of truth, converge data and tools, and enable talent to deploy, operate, repair, and enhance digital infrastructures in a timely manner.
- The market will see increased investments in cloud services over the next few years, with over half of respondents (51%) citing it as a priority. In fact, 72% of organisations strongly agree that cloud service intelligence should be leveraged to optimise costs and secure information. Cost from technical debt and the complexity of supporting multiple generations of infrastructure are some of the biggest barriers for organisations in achieving their digital infrastructure resiliency goals.
- Network-derived intelligence can support adherence to SANS 20 Critical Security Controls, potentially eliminating 98% of possible attack vectors. Today, over 50% of respondents state that they actively share network intelligence across IT teams, and more than 60% of organisations are making progress in leveraging these insights in their security management practices.
Chaim Mazal, Chief Security Officer of Gigamon, says, "Over 90% of organisations operate in a hybrid and multi-cloud world, yet security blind spots remain a significant barrier for technology leaders looking to get the most out of their cloud investments.
"This research not only points to the critical role that deep observability plays in securing complex cloud environments but the necessary convergence of NetOps and SecOps teams in fortifying modern cybersecurity practices. Gigamon is leading the industry into the next stage of observability, rooted in cross-functional team collaboration, proactive detection, and threat remediation."
The findings are based on a survey, conducted by IDC, of over 900 global IT leaders across North America, APAC, and EMEA, which included a mix of major industries (financial, manufacturing, retail/wholesale, healthcare, transport/utilities, education, government, and professional services).
All respondents held roles of manager or above, with key decision-making responsibilities for observability functions and solutions that span across IT operational domains, including networking, security, and cloud.