A staggering 44% of CISOs were unable to detect a data breach in the last 12 months using existing security tools. Moreover, nearly three-quarters (70%) of CISOs feel their current security tools are ineffective at detecting breaches due to limited visibility.
These were two of the findings of a recent report from Gigamon that surveyed more than 1000 global security and IT leaders.
Modern cybersecurity is about differentiating between acceptable and unacceptable risk,” says Chaim Mazal, CSO at Gigamon. “Our research shows where CISOs are drawing that line, highlighting the critical importance of visibility into all data-in-motion to secure complex hybrid cloud infrastructure against today’s emerging threats. It’s clear current approaches aren’t keeping pace, which is why CISOs must reevaluate tool stacks and reprioritize investments and resources to more confidently secure their infrastructure.”
These findings suggest huge amounts of wasted cybersecurity investment. In October 2023, Gartner projected that information security spending would reach $215 billion in 2024. It’s disconcerting that so many organizations, despite significant investment in cybersecurity measures, are still failing to protect themselves from threats.
Akhil Mittal, Senior Security Consulting Manager at Black Duck, offered insights into the challenges faced by organizations in the cybersecurity landscape. He emphasized that the problem extends beyond mere visibility gaps or tool overloads, pointing to a deeper issue of strategic alignment within companies.
“The Gigamon report highlights a growing disconnect between security spending and actually detecting breaches,” said Mittal. “But the real issue isn’t just about visibility gaps or tool overload—it’s about a cultural shift at the top. CISOs are under pressure to keep adding tools to manage threats, but the problem isn’t always a lack of technology. It’s the need to simplify.”
This failure to simplify security strategies and over-willingness to purchase new solutions has resulted in tool sprawl, which, in turn, has led to unnecessarily complicated security environments and blind spots. The Gigamon report reveals that despite 69% of respondents complaining of tool sprawl, 86% said they were spending money on security tools.
“Instead of responding to complexity with more complexity, organizations should streamline their defenses, focus on tools that deliver real insights, and reduce noise to give security teams the space to address genuine threats,” Mittal continued.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
