While “platformization” has been a hot topic in 2024, it has also been a year in which security professionals have looked to advanced, highly specialized tools to help them solve thorny problems that not only persist but seem to grow more challenging by the day. Among these are acute alert fatigue, a steady erosion of network visibility, and a growing sophistication in cyberattacks.
The specialized tools security professionals are looking to include Network-based Threat Detection (NTD) solutions, such as Network-based Intrusion Detection Systems (NIDS) and Network-based Threat Detection and Response (NDR). To better understand the state of Network Threat Detection and whether today’s solutions and supporting technologies, like deep packet inspection, are meeting contemporary security challenges, Cybersecurity Insiders surveyed its 600,000-member information security community. The survey reveals that while NTD tools are widely deployed and positively viewed, they must evolve if they are going to help security professionals meet significant present-day and emerging challenges.
Key findings:
ALERT ISSUES
• Alert prioritization is the #1 overall operational challenge for security teams
• Alert accuracy & actionability is cited as the greatest challenge with NIDS specifically
VISIBILITY CHALLENGES
• No (or poor) global attack surface visibility is the #2 overall operational challenge
• Encrypted traffic is the #1 network blind spot, which 55% report negatively impacts security
DESIRED PRODUCT ENHANCEMENTS
• AI integration: 71% consider AI integration extremely or very important for combatting advanced threats
• Automatic scoring & prioritization of threats named the #1 must-have for an effective network threat detection solution
DEPLOYMENT PLANS & PREFERENCES
• Majority (66%) plan to implement anomaly detection over the next 6 to 24 months; only 17% report having an NTD solution now that uses anomaly detection
• Majority (59%) prefer standalone NTD solutions (DPI sensor, NIDS, NDR, XDR) to NTD within multi-function security platforms (e.g., SASE, SSE)
Experts from Enea, Arista Security, and Custocy discuss options and strategies for addressing the needs and concerns raised in this survey in a panel discussion. We invite you to watch the webinar “2024 State of Network Threat Detection” on November 14, 2024, or afterwards on-demand.
Many thanks to Enea, Arista Security and Custocy for supporting this important research project, with special gratitude to Enea for their invaluable contribution to this report.