Survey finds gaps in security visibility during large-scale shift to remote work
- Published: Friday, 24 April 2020 09:04
ExtraHop has announced the results of a SANS Institute survey, Network Visibility and Threat Detection. According to the report, more than 64 percent of respondents reported suffering at least one successful attack within the last year and 59 percent believe a lack of network visibility poses a high or very high risk to their operations. Perhaps most concerning in light of the recent large-scale shift to remote work, 44 percent of respondents see employee desktops as the most likely attack vector.
As enterprise organizations and government agencies grapple with how to enable, manage, and secure newly distributed remote workforces, network visibility is more critical than ever as they adjust to the new IT reality. The survey exposes key gaps in enterprise security, including that 98 percent of respondents are concerned about their ability to see into encrypted traffic, while over 80 percent identified east-west traffic and network connected devices as areas of opacity.
In addition to identifying critical gaps in network visibility, key survey findings include:
- Growing complexity within the enterprise environment. Over 93 percent of respondents indicated that they manage more than a thousand endpoints, and almost 90 percent manage between hundreds to thousands of servers.
- Lack of cloud visibility affects security posture. 40 percent of respondents identified cloud-based systems as a potential entry point for malicious actors. At the same time, only 17 percent reported high visibility into their lateral communication inside their network (east–west traffic), including all cloud traffic.
- Need to reduce tool sprawl. The majority of companies use tooling from more than 10 vendors, with nearly one-fifth utilizing more than 20. 68 percent of respondents expressed a desire to reduce the complexity of their systems by reducing the overall number of tools involved in their operations.
The survey also found that, while organizations want more network visibility, there are operational impediments. Lack of staff (62 percent), lack of time - including having other issues with greater importance -(51 percent) and lack of appropriate skills in the existing staff (46 percent) were the leading concerns.