After all the hard work, why do security gaps still exist?

JUNE 18, 2018 • PRESS KIT


  • Leading security research firm finds well-equipped criminal armies gaining momentum in threat wars; now outflanking overwhelmed, under-matched IT security teams
  • Polling results from 4,000 security pros discover Perfect Storm of gaps preventing people, processes and technologies from uniting to gain ground in constantly changing threat landscape
  • Lack of visibility is main reason for battle losses; network access control is first step for fighting back
  • Automation, machine learning and other AI-based technologies are best weapons for restoring infrastructure integrity

New Ponemon Institute research explores gaps in IT Security Programs

Why is cybersecurity so hard?

We've all seen the stats on cybercrime, and the numbers keep ticking upward. More attacks, more data breaches, more business disruption. Organizations are spending hundreds of billions of dollars in cybersecurity, but the problem is still getting worse. Nevertheless, the good guys keep pushing ahead.

I've been in cybersecurity for more two decades, and the answer keeps changing. To understand the current state of the IT security gap, Aruba partnered with the Ponemon Institute to survey 3,866 IT and IT security practitioners in Asia-Pacific, EMEA and North America. This is the first in a series of blogs exploring why its so difficult to detect attacks and stop breaches.

The Expanding, Blurring Perimeter is a Big Pain Point

People love their mobile devices and cloud access, but the Ponemon study confirmed the consensus that the attack surface has expanded. In fact, 62 percent of respondents said gaps in their IT infrastructure made it easier to for attackers to penetrate their companies defenses.

Fifty-five percent said its harder to protect the expanding and blurring IT perimeter with the rise of IoT, BYOD, mobile and cloud. Securing IoT devices is particularly challenging, not only from sheer numbers of devices but also because IoT devices are lightweight and often cant be protected with traditional endpoint security.

Security teams know that you cant control what you cant see, but the reality is that IT lacks visibility into what users and devices are on their networks and what theyre doing. Half of the survey respondents admitted that a lack of visibility into what users and device were doing when connected to the IT infrastructure was the main reason for the security gap.

Compromised users, negligent users and IoT devices were the three big worries when it comes to insider risk. Many breaches involve the theft and misuse of credentials for a mobile device, which often provides privileged access to the enterprise.

Making matters worse, its getting harder and harder to find and retain highly skilled cybersecurity pros. Half of the respondents pointed to shortages in IT staffing as the reason for the growing security gap.

Aruba Provides 360-Degrees of Active Protection

At Aruba, were working to make cybersecurity less difficult.

Gaining better visibility into what your users and devices are doing on your network is a crucial step to closing the gap. Aruba is delivering that visibility and control through Aruba 360 Secure Fabric, a framework that provides a set of integrated solutions, including Aruba ClearPass and Aruba IntroSpect.

With Aruba, you can use policy-based controls for access and onboarding of mobile and IoT devices from wired and wireless networks. Components of the fabric use machine learning to detect slowly gestating attacks that have eluded traditional defenses, while proactively responding to these advanced cyberattacks across any network infrastructure. Aruba security solutions are open and integrate with more than 140 technology partners to provide an end-to-end solution.

Security is built into the very foundation of Arubas wired and wireless infrastructure, with unmatched innovation in the areas of encryption, physical hardening and remote access to ensure that user, system and device traffic can always be trusted.

More on Gaps and Solutions

If you're interested in learning more about the security gapand the technologies and processes that security teams rely on in this new threat landscape - download the full research report.


360° of Analytics-Driven Attack Detection and Response


The Aruba 360 Secure Fabric