Wire Data Is Now Nuber One Network Data Source for Security Incidents: Twelfth Annual “State of the Network” Survey from VIAVI
Viavi Solutions Inc. has released the results of its 12th annual State of the Network global study of enterprise networking challenges.
The study data reflects that more than 4 in 5 IT teams are involved in security efforts, and a majority of them report an increase of at least 25 percent in time spent on these efforts over the past 12 months. The most striking conclusion is that network-based conversation wire data has become the top data source for security incidents, with its use tripling, demonstrating that threat levels have driven enterprises to seek the most reliable forensic data available. The study is now available for download.
The State of the Network study captured the insights of Network Operations (NetOps) and Security Operations (SecOps) professionals worldwide, highlighting their challenges in security, performance management and deployment of new technologies.
Eighty-three percent of network teams are now engaged in supporting security issues, and of those, 91 percent spend up to 10 hours or more per week dealing with increasingly sophisticated security threats. As hackers continue to circumvent existing security tools — even those with AI or machine learning — additional strategies are needed to quickly identify and contain security threats, the consequences of which can be devastating.
- Network teams are critical to protecting business resources and strengthening IT security. Significant increases in threat workloads were reported, with 74 percent of respondents stating they spend up to 10 hours or more per week on security. Three out of four of those teams report an increase of at least 25 percent of time spent over the past 12 months.
- When asked how the nature of security threats has changed in the past year, IT teams identified a rise in email and browser-based malware attacks (59 percent), and an increase in threat sophistication (57 percent). Significant numbers of respondents also reported increases in exfiltration attacks on database servers (34 percent), application attacks (33 percent), DDOS attacks (32 percent) and ransomware attacks (30 percent).
- Wire data has taken a central role in resolving suspected or known security threats, with 71 percent of respondents reporting that they used packet capture and 46 percent reporting that they used flow data, compared to 23 percent and 10 percent respectively in the 2017 State of the Network study.
- NetOps teams play an active role in aiding SecOps before, during and after a threat has been detected, due to an increase in volume and sophistication of security threats.
- Respondents highlight the importance of understanding normal network behavior and the ability to quickly hunt for malefactors when suspicious activity is noted.
- Collaboration between SecOps and NetOps has accelerated, maximizing security initiatives and minimizing resolution time to limit negative impact to the business and customers.
- While NetOps teams pivot to assist with security, they are still challenged to maintain acceptable service performance and end-user experience, despite the rapid deployments of new technologies and large increases in network traffic loads.
- Network team role in security increases: Over 80% of network teams play a role in security efforts including investigations and clean-up, implementation and configuration of security tools, and proactive threat-hunting.
- Security presents multiple challenges: correlation with network performance, breach containment verification, and data/visibility gaps top the list.
- Problem domain isolation remains top obstacle: 55% struggle to determine whether problems are caused by the network, system, or application.
State of the Network Global Study Methodology
VIAVI (and previously Network Instruments) has conducted its State of the Network global study for 12 consecutive years, drawing insight about network trends and painting a picture of the challenges faced by IT teams. Results were compiled from the insights of over 600 respondents, including network engineers, IT directors, security engineers and CIOs from around the world. In addition to geographic diversity, the study population was evenly distributed among networks and business verticals of different sizes. Study questions were designed based on a survey of network professionals.