Sponsored: Strengthening your network visibility for true zero trust
02 December 2024
Today’s technology landscape is becoming riskier, with the proliferation of large cybercrime organisations, sophisticated attacks, and the targeted use of AI. There’s a lack of infrastructure and resources, a shortage of skilled professionals, and a lack of cyber regulation and compliance standards. Mark Jow, Field CTO EMEA at Gigamon, analyses the biggest threats and the most effective solutions.
“Sophisticated and highly organised bad actors are launching targeted attacks that include phishing, smishing – a combination of SMS and phishing – AI-enabled attacks using personal social media as an entry point, and even ‘embedding’ employees in an organisation to launch insider attacks,” Jow says.
“Security tools often focus on north-south visibility, but neglect east-west visibility,” Jow adds. North-south visibility refers to the flow of data between an organisation’s internal network and the external internet or other networks. East-west visibility focuses on traffic flows within a network in order to pick up, and block, security threats. Gigamon can assist organisations with detection and response in all these critical areas.
Telemetry underpins good security. It is the process of gathering, analysing and interpreting data from the network environment. Many organisations rely on the telemetry obtained from log files, but this can be irrelevant, and because log files are mutable, bad actors have found ways to manipulate them. The one source of information that does not change is network traffic. Combining telemetry with modern network traffic analysis gives a more complete picture of security threats, and this is Gigamon’s area of expertise.
Gigamon is a leader in the network telemetry pipeline. “We set the standards for global network visibility, providing deep observability that is crucial for zero trust security to be implemented,” Jow says. “This is why our technology is used by 80% of the Fortune 100 companies, and all of the top 10 government agencies.”
Point of vulnerability
Deep observability is the term used to describe full, network-derived telemetry, including flows and metadata, across multiple networks, including datacentres and public and private cloud. All network traffic is examined, including devices at the edge. “Any device connected to a network can potentially be breached,” Jow says. “Unmanaged devices like handheld scanners connected up to a network can represent a point of vulnerability. Breaches can also occur when a third-party service provider is compromised.”
As the public cloud grows and 5G rolls out, speeds will be colossal and organisations will be able to put more capability at the edge. However, without good visibility of traffic, there is a greater risk that operational technology devices can be hit. Telemetry has to be precise, and you need the ability to see every movement at network level. Without network visibility, zero trust is a myth.
Bad actors often centre their attacks on the cloud, knowing that there are gaps that can be used to gain access. Encryption technology is commonly used for security, but bad actors also use it. Organisations often lack the budget and know-how to decrypt and check that information is safe.
Gigamon not only gives an organisation full network visibility, but also helps decrease IT costs by optimising data traffic, maximising tool efficiency, lowering cloud expenses, and simplifying management to enhance security and operational efficiency. “To improve your defences, focus on east-west traffic, make the best use of tools that serve multiple functions, and focus on collaboration between teams. There needs to be cooperation and understanding between the CISO and the CFO,” Jow says. “Have robust controls in place that include your suppliers and customers, with a tight end-to-end supply chain that focuses on strengthening the weakest links. Information that is highly secure, and does not require ultra high speed computing, is better off in the private cloud for security purposes.”
To learn more about Gigamon and Deep Observability visit deepobservability.com