Data at risk: Prioritising visibility in the cloud

Danielle Kinsella at Gigamon explores the “whys” and “hows” of prioritising visibility to safeguard data in the cloud

 

Today’s business and digital landscapes are evolving at an unprecedented pace, and the acceleration of AI technologies within enterprise environments has further driven significant shifts in the expectations of both internal and external stakeholders.

 

As a result, organisations cannot afford to stand still when it comes to leveraging, securing, and providing access to data, and decision-makers have increasingly migrated their data to the cloud. 

 

Recent global studies show that 94% of all companies worldwide now use cloud computing in some capacity, whether in a public, private, hybrid or multi-cloud infrastructure and 85% of organisations are forecasted to embrace a cloud-first principle by the end of 2025. In doing so, they hope to unlock benefits such as scalability, cost efficiency, enhanced security, flexibility, accessibility and innovation. 

 

However, cloud environments have also increasingly become a prime target for cyber-criminals with many attackers quickly adapting to exploit these infrastructures. Studies show that 45% of breaches globally are cloud-based, and 80% of companies have experienced at least one cloud security incident in the last year.

 

While cloud migration has its benefits, it also opens the door to new and evolving security risks, with data as the primary target. It is crucial for organisations to have robust cloud security practices in place, not only to protect their most valuable digital assets but also to stay ahead of increasingly sophisticated cyber-threats.

 

Breaches cannot not go unnoticed

As cloud environments grow more complex, driven by dynamic configurations and constant change, security teams and CISOs face mounting challenges in maintaining complete visibility over vulnerabilities and potential breaches. 

 

Recent global studies have indicated that one in three breaches go undetected by existing security tools. Despite having systems in place to identify and react to threats, many organisations still fall short. Often detecting breaches too late, if at all. In fact, 25% report being unable to identify the root cause of a breach or respond in real-time. This not only leaves them exposed but also prevents them from learning how to stop the same attack from happening again. 

 

Organisations cannot afford to be unaware of when their data is being compromised. Attackers are not standing still. They’re evolving as quickly as the technologies used to defend against them. While organisations adopt advanced cloud infrastructure to improve agility and performance, threat actors are leveraging technological advancements to launch faster, more sophisticated attacks.

 

In this environment, failing to detect a breach isn’t just a technical gap, it’s a strategic vulnerability. Without the ability to see threats as they happen, organisations risk falling into a cycle of repeated, preventable compromise.

 

Modern threats: easier to launch, harder to detect

Rapid innovation has made it easier for cyber-criminals to conduct sophisticated attacks. Furthermore, they have also democratised the level of skill and knowledge needed to launch these attacks, essentially lowering the barrier to entry for attackers.

 

AI and machine learning now allow threat actors to automate and enhance their tactics, enabling them to automate complex processes, generate malicious code, and execute large-scale attacks with speed and precision.  

 

This threat is only amplified by the widespread adoption of cloud services, especially since all cloud traffic is automatically encrypted. While encryption is essential for protecting sensitive data, it also creates blind spots, making it harder for security teams with limited visibility to identify threats.

 

Hiding behind encrypted data provides the perfect environment for cyber-criminals to transverse laterally within an organisation’s network, allowing them to go undetected for weeks or sometimes even months, waiting for the opportune time to attack. 

 

The question is no longer whether attackers are inside; it’s whether organisations have the visibility to detect and stop them before they cause any real damage.

 

Visibility, regardless of the circumstances

Rather than relying on the assumption that their data in the cloud is safe, organisations must ensure they have deep, granular visibility into all data in motion, at all times. This couldn’t be more critical today, as studies indicate that 93% of malware now hides behind encrypted traffic. 

 

With deep observability, organisations gain real-time insights into all network activity—encrypted or not. This level of visibility enables security teams to detect anomalies and pinpoint threats before they escalate. Whether the data is travelling vertically or laterally across the network, network telemetry provides the context needed to distinguish normal and malicious activity, often making the difference between preventing attacks or constantly becoming victims.  

 

Complete network visibility isn’t a luxury but a cornerstone of modern security strategy. To truly secure their crown jewels sitting on the cloud, organisations must make visibility a strategic priority. 

 

---

 

Danielle Kinsella is Gigamon’s Technical Advisor EMEA

 

Main image courtesy of iStockPhoto.com and Coral222