Big shift to remote work leaves wide gaps in security visibility

Photo by Dimitri Karastelev

Close to two-thirds (64%) of firms reported suffering at least one successful cyber attack within the last year, and 59% believe a lack of network visibility poses a high or very high risk to their operations, according to ExtraHop and SANS Institute.

And perhaps most concerning in light of the recent large-scale shift to remote work, findings of their Network Visibility and Threat Detection report also show that 44% of respondents see employee desktops as the most likely attack vector.

As enterprises and government agencies grapple with how to enable, manage, and secure newly distributed remote workforces, network visibility is more critical than ever as they adjust to the new IT reality.

The survey exposes key gaps in enterprise security, including that 98% of respondents are concerned about their ability to see into encrypted traffic, while over 80% identified east-west traffic and network connected devices as areas of opacity.

“Having visibility of every device and how they are meant to behave on your network is crucial to understanding what constitutes normal traffic and what could be considered a deviation,” writes survey author Ian Reynolds.

Bryce Hein, SVP of marketing at ExtraHop, said firms need to be able to see into east-west traffic to identify threats in the growing number of cloud workloads, as well as get visibility into which devices are accessing enterprise resources.

“The fewer tools, less time, and less friction required to get that visibility, the better,” said Hein.

The survey also found that over 93% of respondents indicated that they manage more than a thousand endpoints, and almost 90% manage between hundreds to thousands of servers.

Also, 40% of respondents identified cloud-based systems as a potential entry point for malicious actors. At the same time, only 17% reported high visibility into their lateral communication inside their network (east–west traffic), including all cloud traffic.

Further, the majority of companies use tooling from more than 10 vendors, with nearly one-fifth using more than 20. And 68% of respondents expressed a desire to reduce the complexity of their systems by reducing the overall number of tools involved in their operations.