Lancope is now part of Cisco Learn MoreLancope Arrow About Cisco
Detecting Cyber Security Threats

Network Security Monitoring: Closing the Visibility Gap

Susanne Keenan

As networks continue to evolve with trends such as the cloud and the Internet of Things (IoT) and cyberthreats become more sophisticated, effective, and well-funded, many organizations are struggling to gain visibility into their network traffic. Network security monitoring has arisen as a popular and effective way to address this issue.

According to the Enterprise Strategy Group (ESG) report Network Security Monitoring Trends, which was commissioned by Cisco, security professionals place a high value on network security monitoring. Eighty percent of survey respondents say network security monitoring is critical , and another 17 percent say it is important to their organization’s overall cybersecurity strategy.

One of the reasons network security monitoring is so crucial is because it has many different applications and use cases. For example, 42 percent of respondents use it to proactively “hunt” for suspicious behavior, 35 percent use it to detect traffic that could indicate a security breach, and a quarter use it to enable continuous monitoring for risk management.

Challenges to Network Security Monitoring

However, organizations face some major challenges when it comes to Network Security Monitoring. Network blind spots and a lack of visibility are chief among them.

Thirty-one percent of respondents say their top challenge is blind spots where they have limited or no visibility. Forty-two percent of those respondents say they have trouble monitoring non-corporate devices on the network, 39 percent say they have blind spots regarding user behavior monitoring, and 39 percent report having blind spots on internal Wi-Fi networks.

These blind spots hinder the overall effectiveness of network security monitoring, increase risk, and reduce the security team’s ability to detect and respond to security events.

Despite challenges, investment is increasing

While security professionals are frustrated by these challenges, they understand the value of network security monitoring. Many CISOs appear intent on maintaining or increasing their organization’s network security monitoring capabilities. Forty-one percent of security professionals expect their organization to significantly increase investment in network security monitoring technologies, training, and resources over the next two years. Another 50 percent expect their organization to slightly increase investment during the same time frame.

ESG also asked participants about their strategic priorities in regards to network security monitoring. This revealed that organizations plan to invest in training around network security monitoring to address a lack in skilled personnel and in new types of technology, focusing on scalability, ease of use, and intelligent analytics. They also reported a desire to integrate their network security monitoring technology with network and security operations tools.

Given the value of network security monitoring in today’s threat landscape, this investment trend is not surprising. As networks continue to grow in complexity and threat actors become more sophisticated and effective, organizations need an eye on their network traffic to quickly detect and respond to malicious activity. Network security monitoring can grant visibility and situational awareness to security personnel and serves as a vital component to a strong enterprise security strategy.

To learn more about the benefits and challenges of network security monitoring, read our report Network Security Monitoring: Closing the Visibility Gap. For the full report from ESG, click here.


More from this contributor:

Modern enterprise networks are larger and more complex than ever before, and defending them against sophisticated attacks can be difficult if the...