An analysis of the latest Gigamon study on the perceptions of German security and IT decision-makers
Cyber security has long been one of the most critical areas of action in companies. This makes it all the more important for those responsible to assess their own situation realistically.
But this is precisely where the problem lies: a recent study by Gigamon reveals striking contradictions between the self-image of German IT and security decision-makers and the reality.
The contradictory approach to encrypted data traffic
The discrepancy is particularly evident in the area of encrypted data streams.
- 84% of those surveyed emphasise that transparency is a top priority in this area.
- 80% even see it as an essential part of their security strategy.
At the same time, however, 73% admit that they trust encrypted data traffic in principle. More than a third (37%) do not decrypt data at all for reasons of cost and complexity. Almost half (47%) consider it likely that they will never check encrypted data in detail.
This is a risky fallacy, as attackers are increasingly hiding malware in encrypted traffic. Research by WatchGuard shows that this has contributed significantly to the 94% increase in network malware.
Self-confidence instead of realism
In addition to the naive attitude towards encrypted data traffic, other beliefs emerge that seem to be based more on self-confidence than on facts. For example, 85% are convinced that they can detect malware even in encrypted data. 79% believe that they can detect data theft despite encryption. 83% consider their tools sufficient to handle the increasing volume of network data. 86% trust the quality of the data in their security solutions. And 85 percent believe they are capable of effectively deploying AI-based security systems.
Despite this self-assessment, 63% of companies have been victims of at least one successful attack in recent years. In 31% of cases, the cause could not even be identified – a clear indication of glaring gaps in security architectures.
Causes: dynamics, complexity and compromises
The challenges are multifaceted. Attacks are becoming more sophisticated, often supported by AI – whether in the form of phishing, ransomware or deepfakes. At the same time, corporate IT is growing steadily, driven by the cloud, remote work and new applications. In addition, network data volumes are rising rapidly; 30 percent of respondents even report that they have more than doubled.
The result: security environments are becoming highly complex. Many tools are only partially effective, as 56 percent of respondents confirm. It is also particularly alarming that 95 percent of decision-makers are making security compromises – for example, through limited transparency, fragmented solutions or poor data quality.
The path to greater realism: deep observability
How can the gap between aspiration and reality be narrowed? The study suggests that greater visibility is the key. Companies must ensure transparency down to the network level – including encrypted and lateral data streams.
This is where the concept of deep observability comes in. MELT data (metrics, events, logs, traces) is consolidated with network telemetry and, after in-depth analysis, forwarded to security and monitoring solutions. This gives companies real-time insight into data streams, applications, identities and activities.
The result: suspicious behaviour is detected more quickly, attacks can be stopped at an early stage – and, above all, IT teams are given a realistic basis for assessing their own capabilities and the effectiveness of their security architecture.
Conclusion
The Gigamon study shows that German IT and security decision-makers are very confident – but often without the necessary basis for this confidence.
There is a dangerous gap between wishful thinking and the actual threat situation.
Only those who create transparency down to the encrypted data traffic level, consolidate high-quality security data and monitor their entire IT landscape holistically can close this gap. Deep observability offers a promising approach to this – and the opportunity to finally bring self-perception and reality into alignment.
