Tool spawl, escalating endpoint management workload and opaque east-west traffic were also worrying trends amidst the new workforce phenomenon.
As enterprises and government agencies grapple with how to enable, manage, and secure newly-distributed remote workforces, network visibility is more critical than ever as they adjust to the new IT reality.
One recent survey on network visibility and threat detection has uncovered elements of this new reality, when more than 64% of respondents reported suffering at least one successful attack within the last year, and 59% believed a lack of network visibility posed a high or very high risk to their operations. Another worrying trend in light of the recent large-scale shift to remote-working: 44% of respondents see employee desktops as the most likely attack vector.
But perhaps the most startling statistic was that 98% of respondents were concerned about their ability to see into encrypted traffic, while over 80% identified east-west traffic and network-connected devices as areas of opacity. These gaps in enterprise security revealed in the survey by ExtraHop were accompanied by other findings:
- Growing complexity within the enterprise environment. Over 93% of respondents indicated that they manage more than a thousand endpoints, and almost 90% manage between hundreds to thousands of servers.
- Lack of cloud visibility affects security posture. 40% of respondents identified cloud-based systems as a potential entry point for malicious actors. At the same time, only 17% reported high visibility into their lateral communication inside their network (east–west traffic), including all cloud traffic.
- Need to reduce tool sprawl. The majority of companies used tooling from more than 10 vendors, with nearly one-fifth utilizing more than 20. Some 68% of respondents expressed a desire to reduce the complexity of their systems by reducing the overall number of tools involved in their operations.
Survey author Ian Reynolds noted: “Having visibility of every device and how they are meant to behave on your network is crucial to understanding what constitutes normal traffic and what could be considered a deviation.”
Bryce Hein, SVP of Marketing, ExtraHop, concurs: “At a time when organizations are rapidly transitioning to remote work and cloud usage is surging, network visibility has never been more critical. Organizations need to be able to see into east-west traffic to identify threats in the growing number of cloud workloads, as well as get visibility into which devices are accessing enterprise resources. The fewer tools, less time, and less friction required to get that visibility, the better.”
Easier said than done
The survey also found that, while organizations want more network visibility, there are operational impediments. Lack of staff (62%), lack of time—including having other issues with greater importance—(51%) and lack of appropriate skills in the existing staff (46%) were the leading concerns.
According to Reynolds, machine learning will play a key role in overcoming these challenges. His advice: “Choose tools that use machine learning to provide improved analytics for access to the right data in less time. This might assist in meeting staffing concerns and provide faster resolution of unexpected behavior, threats and incidents.”