Gigamon survey reveals CISO priorities for 2025

CISOs around the world acknowledge waning confidence in securing today’s hybrid cloud infrastructure, shifting focus toward gaining visibility into all data-in-motion.

  • Wednesday, 16th October 2024 Posted 1 month ago in by Phil Alsop

Gigamon has unveiled priorities for global CISOs going into the new year, highlighting the challenges that come with today’s tightening budgets and increasingly sophisticated cyber threats. The Gigamon “CISO Insights: Closing the Cybersecurity Preparedness Gap” report, based on the company’s 2024 Hybrid Cloud Security Survey, highlights the current state of cybersecurity based on responses from 234 CISOs in Australia, France, Germany, Singapore, UK, and the USA.

The Gigamon report data reveals a widening security gap, with CISOs falling behind as cybercriminals outpace their organization’s cybersecurity defenses. Despite global information security spending projected to reach $215 billion in 2024, nearly half (44 percent) of CISOs surveyed reported they were unable to detect a data breach in the last 12 months using existing security tools. CISOs identified blind spots as a key issue, with 70 percent of CISOs stating their existing security tools are not as effective as they could be when it comes to detecting breaches due to limited visibility.

“Modern cybersecurity is about differentiating between acceptable and unacceptable risk,” says Chaim Mazal, CSO at Gigamon. “Our research shows where CISOs are drawing that line, highlighting the critical importance of visibility into all data-in-motion to secure complex hybrid cloud infrastructure against today’s emerging threats. It’s clear current approaches aren’t keeping pace, which is why CISOs must reevaluate tool stacks and reprioritize investments and resources to more confidently secure their infrastructure.”

As organizations revisit security strategies this Cybersecurity Awareness Month, the Gigamon survey data highlights the following focus areas CISOs are prioritizing as they plan for 2025:

Gain Visibility into Data-in-Motion

Blind spots across hybrid cloud infrastructure are a top concern for 8 out of 10 CISOs, with 81 percent agreeing that cloud security is dependent upon gaining complete visibility into all data-in-motion. This includes visibility into lateral (East West) traffic and encrypted traffic, where 93 percent of malware hides today, creating a perfect opportunity for cyber criminals to breach a network. As a result, gaining visibility into encrypted traffic was listed as a priority for 84 percent of CISOs.

Optimize Existing Security Investments

Overinvestment in new security tools has led security teams to struggle with sprawling tool stacks. Coupled with the growing costs associated with data storage and management, CISOs are under immense pressure to optimize their existing security investments. Three-quarters of CISOs (76 percent) report being overwhelmed by the increasing volume of threats detected from a growing number of tools on an increasing number of assets. As a result, 6 in 10 CISOs listed tool consolidation and optimization as their number one priority for remediating blind spots.

Support AI Investments to Counter Growing AI Cyber Threats

CISOs are increasingly concerned about the potential for AI to fuel the growth of global ransomware threats, with 83 percent expecting a significant impact in the coming year. While deepfakes have garnered much attention, the more pressing threat is the volume and quality of cyberattacks that AI can enable. AI is empowering novice attackers with advanced capabilities and accelerating the discovery of exploitation techniques, underscoring the need for greater, more comprehensive visibility. Nearly half (46 percent) of CISOs will use security automation and implement AI to remediate visibility gaps.

Achieve Deep Observability Across Cloud Infrastructure

As CISOs evaluate increasingly complex hybrid cloud environments, greater visibility is the common goal, with 82 percent agreeing that deep observability – the ability to deliver network-derived intelligence and analysis to cloud, security, and observability tools – is a foundational element of cloud security. Deep observability goes beyond traditional monitoring, providing real-time insights into all network traffic based on network telemetry, including encrypted data and lateral traffic. This comprehensive view is crucial for identifying and mitigating cyber threats in real-time, which is why 85 percent of CISOs agree that having access to packet-level data and rich application metadata can unlock deeper insights, strengthening security posture.

The importance of this comprehensive visibility is also reaching the boardroom, with 81 percent of CISOs reporting that their boards are discussing deep observability as a priority to better secure and manage hybrid cloud infrastructure, reinforcing its importance for 2025 budget planning.

“Today’s CISOs recognize that security and observability are intrinsically connected,” said Stephen Elliott, group vice president, IT Operations, Observability, and CloudOps at IDC. “The network provides a crucial layer of context that can inform security operations and vice versa, which is why modern security teams are leveraging network-derived intelligence and insights to understand the true impact of a threat and prioritize their responses accordingly.” 

The promise of AI is on every biopharma’s radar, but the reality today is that much of the industry is grappling with how to convert the hype into...
IT teams urged to resolve ‘data delays’ as UK executives struggle to access and use relevant business data.

‘Playtime is over’ for GenAI

Posted 4 days ago by Phil Alsop
NTT DATA research shows organizations shifting from experiments to investments that drive performance.

GenAI not production-ready?

Posted 4 days ago by Phil Alsop
Architectural challenges are holding UK organisations back - with just 24% citing having sufficient governance to implement GenAI.

AI tops decision-makers' priorities

Posted 4 days ago by Phil Alsop
Skillsoft has released its 2024 IT Skills and Salary Report. Based on insights from more than 5,100 global IT decision-makers and professionals, the...

The state of cloud ransomware in 2024

Posted 4 days ago by Phil Alsop
Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security realm.
Talent and training partner, mthree, which supports major global tech, banking, and business clients to build job-ready teams, has revealed the...

AI innovation is powering the Net Zero transition

Posted 4 days ago by Phil Alsop
Whilst overall AI patent filings have slowed, green AI patent publications grew 35% in 2023.