In our current work-from-home climate, it's more important than ever to have complete visibility across your network in order to monitor behaviors and detect unusual activity and threats within your environment.

Below is a synopsis of the SANS Network Visibility and Threat Detection Survey commissioned by ExtraHop. The report explores the primary issues security professionals face in detecting threats on a network and the role visibility plays. The research highlights important facts, such as: only 15% of respondents expressed a very high level of confidence that all the devices on their network are discoverable, more than 64% of respondents reported suffering at least one successful attack within the last year, only 2% of respondents are not at all worried about encrypted traffic, and only 16% of respondents believe they have high visibility into their east–west traffic.

The report explores how hybrid network complexity is making it difficult to streamline security practices, dives into the inhibitors of visibility like advanced encryption, digs into the impediments to making greater use of network data, identifies the most used tools in the security operations center (SOC), and talks about how to fill in the gaps in your network visibility.

To find out more about the challenges your security peers are facing, download the Network Visibility and Threat Detection full survey results and/or watch the SANS webinar with the survey's author, Ian Reynolds, and ExtraHop security expert, John Smith. Key takeaways are below.

Network Visibility and Threat Detection: A SANS Survey

As organizations continue to move to the cloud, encrypt communications, adopt IoT, and manage third-party vendors, the complexity of the network increases.
This, in turn, impedes visibility, slows operations, and impacts security.

For example, of the participating organizations, 59% believe that lack of network visibility poses a high or very high risk to their operations, and 64% of respondents experienced at least one compromise over the past 12 months.

Most Organizations Desire To Reduce Complexity

In the SANS survey, more than 93% of respondents indicated that they manage more than a thousand endpoints, and almost 90% manage between hundreds and thousands of servers. In addition, the majority (68%) expressed a desire to reduce the complexity of their systems by reducing the overall number of tools involved in their operations. Only 6% had no plans, and 9% were unsure.

Most Organizations Tie A Lack Of Visibility To Risk... Interesting...

Only 38% of respondents had high or very high levels of confidence in their ability to discover all of the devices connecting to their networks, with just 6% expressing a very high level of confidence. That lack of confidence is tied to a perception of higher risk for most organizations. While the majority of respondents (52%) claim high visibility into traffic entering and leaving their network (north–south traffic), only 17% claim the same level of visibility into traffic moving within their networks (east–west traffic). That lack of visibility into east–west traffic is a bit disturbing when you consider the erosion of the perimeter, leaving internal traffic exposed.

And, There's The Move To The Cloud

Cloud adoption, coupled with the recent flux of remote workers, means the perimeter is dissolving and applications are moving to the edge. With the shift to cloud-based SaaS options, the challenge continues to evolve. And, as remote access has increased dramatically in light of recent events, the requirements and options for flexible access to corporate data have increased.
Greater visibility is needed to combat the increase in cloud misconfigurations that are a concern for security and business continuity.

Additionally, Encryption Is Becoming More Ubiquitous

The report shows that a majority of organizations today use encryption, with approximately 40% of the respondents reporting levels of encryption between 50-74% and another 12% who report 75-100% of traffic encrypted. Many organizations are moving towards adopting advanced encryption like TLS 1.3, which is critical for security but exacerbates the visibility problem. Encryption guarantees the integrity and confidentiality of the data in transit and at rest, but creates blind spots in the network.

How This Leads To The Importance Of East-West Visibility

A key takeaway outlined in the report is that having visibility into every device and how they are meant to behave on your network is crucial to understanding what constitutes normal traffic and what could be considered a deviation. But as we noted earlier, only 17% were confident that they had visibility into east–west traffic. That is disconcerting when you think of how porous the perimeter has become.

The Three Technologies You Need Working Together: EDR, SIEM And NDR

As the report indicates, most organizations have adopted EDR and SIEM solutions. But those solutions have some weaknesses: endpoints can be tampered with, log data can be too noisy and turned off, and as a result, organizations are missing critical data to find threats within the east–west corridor. Building an equivalent capability to monitor and visualize east–west traffic, whether inside the perimeter or in the cloud, has been a challenge for most organizations.

The missing link has been Network Detection and Response (NDR).
Working together, in what Gartner has coined the SOC Visibility Triad, the combined power of EDR, SIEM, and NDR, will now provide complete visibility and decrease the chance that an attacker can operate in your environment undetected.

Four Key Takeaways from SANS

The four key takeaways from the SANS Network Visibility and Threat Detection survey are listed below:

Know your corporate network and what behaviors and data flows are.
Understand that cloud services will alter the way you monitor and protect the organization.
Work with the cloud projects to maintain visibility of what changes are happening.
Automate repetitive tasks and choose tools that enable machine learning and improved analytics.

For more data on these conclusions, download the full report and/or watch the SANS webinar.

Stay safe out there, all!