Digital Newsletter
Each week our editor Phil Alsop rounds up the most popular articles, videos and expert opinions. We compile this into a Digital Newsletter and send it straight to your inbox every week.
Digital Magazines
We'll let you know each time a new edition of Data Centre Solutions is released so that you're always kept up-to-date with the latest and greatest news and press releases.
Video Magazines
The Data Centre Solutions Video magazine contains the latest Zoom interviews with experts in the industry.
Today, it’s hard to find an organisation that doesn’t claim security as a key business priority. Yet 91% of Security and IT leaders admit they’re making compromises in their security strategies. This statistic risks creating the perception that what was once seen as a failure is now becoming the norm, and implying that security compromises are no longer the exception, but a frequent reality.
Stakeholders are placing increasing pressure on CISOs and their security teams to deliver agility, reduce cost, and keep up with AI's exponential demand. In response, teams are forced into making difficult decisions: prioritising speed over visibility, sidelining data quality, and integrating new environments, very often faster than they can be secured. Much of this is done under the broad and shifting mantra of “acceptable risk”, a term that for some organisations changes in meaning and significance depending on the organisation's goals at any given point in time.
As hybrid cloud environments grow more complex and attackers emboldened with AI become more sophisticated, organisations must reflect on an increasingly uncomfortable truth: the more they continue to compromise today, the harder it becomes to meet the challenges of tomorrow.
Compromises are in fashion
Though this would have been unimaginable years ago, security leaders are being pressured into making compromises, often in a deliberate and calculated manner. As cloud environments expand, AI deployments accelerate, and infrastructure grows more fragmented by the day, the demand on security teams now exceeds what existing tools and architectures were ever built or conceived to manage.
Our latest Hybrid Cloud Security Survey , which featured responses from over 1000 security and IT leaders, shows that these trade-offs are often happening in the most critical areas. Nearly half of the respondents lack clean, high-quality data to support secure AI workload deployment. The same number of respondents admit to having insufficient visibility across their hybrid cloud environments, particularly in lateral and encrypted traffic, which remains one of the most critical yet worryingly overlooked areas for threat detection. A further 47% point to tool integration as a key area of compromise, emphasising the strain of managing sprawling and siloed tech stacks that still fail to give comprehensive insight.
The perception of risk is also changing. 70% of Security and IT leaders now consider public cloud infrastructure the most vulnerable part of their environment. Concerns over governance, persistent blind spots, and the difficulty of maintaining control across distributed architectures have replaced the early optimism that once accompanied cloud adoption.
In today’s working environment, there is a risk that compromise could become operationalised, and what was once a one-off occurrence could become a constant. The consequences of this will extend far beyond mere tactical inconvenience. Each trade-off will inevitably introduce ambiguity into risk calculations, increasing the likelihood that a blind spot mutates into a breach. Over time, the cumulative effect of these decisions will become clear, with the slow, often imperceptible erosion of security standards that were once considered non-negotiable.
The weeds are coming up through the cracks
The consequences of compromises are gradually starting to becoming increasingly evident across every layer of the organisation. This year, the percentage of organisations reporting a security breach rose to 55%, a 17% increase from last year. Furthermore, nearly half of security leaders told Gigamon that their current tools are falling short in detecting breaches they’ve faced. These failures are not a result of under investment. Rather, they stem from environments that have outgrown traditional controls, environments where more data, alerts, and tools do not automatically translate into stronger protection.
Despite its popularity among security leaders, acquiring more security tools doesn’t always guarantee better defence against cyberattacks. On average, organisations manage 15 different security tools across their hybrid environments. Yet 55% admit those tools are not as effective as they should be. Instead of helping security teams, this tool sprawl often adds friction, expensive tool overlaps and creates gaps. Oversaturation leads to noise rather than insight, and overlapping capabilities generate confusion rather than clarity whilst at the same time increasing costs. While organisations are managing this complexity, attackers are adapting and accelerating their tactics. This leaves defenders in a constant state of catch-up.
Now, many organisations are having to face the music. The decisions made to sacrifice visibility, data quality, and tool integration are starting to show their impact. No longer able to defer or avoid the reality, organisations must address these issues head-on.
Visibility, the equation balancer
Risk remains obscured without clear insight into where data travels and how it behaves, leaving organisations unable to make any informed, strategic and secure decisions. 88% of Security and IT leaders say access to network-level data is essential for securing AI deployments, which reflects a broader shift in mindset. Traditional telemetry is no longer enough. Organisations now require deep observability – actionable insights to reduce risk and improve governance by integrating network derived telemetry including packets, flows and meta data with existing metrics, events, logs and traces.
Such comprehensive visibility is the only way organisations can know which parts of their environment is secure and which are most vulnerable. It enables organisations to gain the situational awareness that they need to detect and prevent breaches, as well as respond effectively when incidents occur. More importantly, achieving this level of visbility and clarity can help move the industry away from normalising security compromises towards restoring the standards that should never have been negotiable.
The pressure to compromise will not disappear, but neither should the resolve to uphold strong security standards. Refusing to settle for short-term fixes is the first step towards building a strong security posture and long-term resilience.
