Cloud
Addressing Blind Spots in the Hybrid Cloud

Written by Mark Jow, EMEA Technical Evangelist, Gigamon
With the rapid growth of the hybrid cloud market, businesses are experiencing numerous benefits. According to a study by Amazon Web Services, cloud computing is projected to add almost $181 billion to the UAE’s economy by the year 2033. Further reports reveal that in 2021, the adoption of cloud computing in the UAE contributed an astounding 2.26% to the country’s GDP, uplifting the economic value to $9.5 billion.
However, security has emerged as a significant challenge. In a recent survey conducted by Gigamon, we found that 90 percent of IT and Security leaders across EMEA, APAC and the US have experienced a data breach in the last 18 months. We also uncovered that over 70 per cent of IT security leaders admit they allow encrypted data to flow freely across their IT infrastructure. It seems therefore that there’s an industry-wide lack of awareness about blind spots and the complexity and risks in maintaining security in hybrid cloud environments.
How to identify blind spots
Going back to the basics, blind spots are areas within a hybrid cloud infrastructure that are not adequately reached by traditional security and monitoring tools. These areas remain hidden from view, hindering effective data collection and analysis and therefore compromising security.
The good news is that IT and Security professionals are increasingly becoming aware of the importance of avoiding blind spots: our research uncovered that unexpected blind spots being exploited are a major concern to CISOs. To address this concern, CISOs and their teams are embracing deep observability to provide complete visibility across their entire infrastructure. This is achieved by harnessing immutable, precise and actionable network-derived intelligence to amplify the power of existing tools, eliminating blind spots both on-premise and in the cloud, and providing greater visibility and understanding of an organisation’s security posture and potential threats.
Encrypted traffic and limited visibility
Yet there is still work to be done. There’s a huge underestimation of blind spots and what these consist of, considering only 30 per cent of organisations have visibility into encrypted traffic. Moreover, 35 per cent of respondents reported limited visibility into containers, and less than half (48 per cent) had visibility of east-to-west traffic, which involves the lateral movement of data within the hybrid cloud infrastructure. These limitations further contribute to the existence of unobserved segments in the hybrid cloud.
The impact of unrecognised blind spots
As a result, nearly one-third of breaches go undetected by IT and Security professionals and their tools, as identified in the latest survey that included 1000 IT professionals across EMEA, the US, Australia and Singapore. The failure to recognise blind spots significantly hampers the ability to effectively protect sensitive data and respond to security incidents. While surface-level confidence appears high, with 94 per cent of global respondents to our survey believing their security tools provide complete visibility, it’s clear this perception is simply not the reality of hybrid cloud security.
The hybrid cloud is inherently complex, and traditional security and monitoring tools are often insufficient in addressing blind spots in this area. To effectively eliminate blind spots and narrow the perception vs. reality gap in hybrid cloud security, CISOs and their teams must actively prioritise deep observability. By leveraging actionable network-derived intelligence, businesses can amplify the power of existing security and observability tools and gain comprehensive visibility of their complete hybrid cloud estate.
Implementing deep observability will significantly accelerate progress in improving visibility into containers, east-west traffic and encrypted data to bolster security and totally eradicate the blind spots that are keeping today’s CISOs up at night.
Cloud
Proofpoint Boosts UAE Investment to Meet Growing Demand for Cloud Cybersecurity Services

Proofpoint has announced that its human-centric security solutions would be delivered through a local data centre in Dubai, United Arab Emirates. The launch was announced during Proofpoint’s Protect Tour in Dubai this week, during a keynote delivered by Sumit Dhawan, CEO at Proofpoint.
Trusted by 50% of the UAE and KSA-based companies listed in the Forbes Global 2000, Proofpoint’s comprehensive AI-driven cybersecurity solutions help organizations navigate today’s complex threat landscape with confidence, delivering robust protection. Available in Q1 2025, Proofpoint’s offerings will enable UAE-based customers to comply with local data residency policies and meet regulatory compliance.
The cyber threat landscape in the UAE continues to evolve. While Emirati CISOs continue to fear cyber-attacks, they are demonstrating increasing confidence in their ability to defend against them. Proofpoint’s 2024 Voice of the CISO Report reveals that two-thirds (66%) of CISOs in the UAE feel prepared to cope with a cyberattack, an increase from 43% last year. This growing confidence may be attributed to the 89% of Emirati CISOs surveyed looking to deploy AI-powered capabilities to help protect against human error and advanced human-centered cyber threats.
To address this, Proofpoint’s ongoing investments in the region will help organizations in the UAE address human-centric cybersecurity risks, providing the opportunity to benefit from Proofpoint’s market-leading email security solutions, running through an in-country data centre. Proofpoint Email Protection is the only AI/ML-powered, cloud-based threat protection platform that disarms today’s advanced attacks, including email fraud, ransomware, weaponized URLs, multifactor authentication (MFA) bypass for credential phishing, and more.
“Organizations in the United Arab Emirates face a rapidly evolving threat landscape and our main objective over the coming years is to continue protecting even more companies in the region, with innovative, AI-powered solutions,” said Sumit Dhawan, CEO at Proofpoint. “Our solutions being delivered through local a data center underscores our unrelented investment in a key region for us and highlights our commitment to keep pace with the region’s accelerating digital transformation. This will enable organizations in the UAE to roll out multi-layered, cloud-native cybersecurity protection that safeguards people and data from today’s biggest threats, while keeping their data in-country.”
Proofpoint Middle East by the Numbers:
- Proofpoint is trusted by 50% of the UAE and KSA-based companies listed in the Forbes Global 2000 and protects more than 1,200,000 employees across the Middle East.
- Proofpoint’s Middle East customer base saw a growth of more than 20% in 2024, with continued growth at-pace expected in the coming years
- Since 2019, Proofpoint has increased its employee base by more than 40% across the region
- Proofpoint works with over 550 partners across the Middle East, Turkey & Africa
“Organisations in the Middle East are leading the charge in implementing cybersecurity measures to protect their customers from today’s threat landscape,” said Emile Abou Saleh, Vice President, Northern Europe, Middle East, Turkey and Africa at Proofpoint. “At Proofpoint, we remain committed to empowering organizations with the tools and knowledge needed to safeguard their most valuable assets—their people. With our solutions being delivered through a local data center, we will bring our industry-leading human-centric cybersecurity to more organizations in the region, while better meeting local customer and regulatory needs.”
Cloud
SolarWinds Survey: Only 18% of IT Professionals Satisfied with Cloud Infrastructure

According to new data from SolarWinds, less than one in five (18%) IT professionals believe their present cloud infrastructure satisfies their business needs, indicating a large disconnect between expectations and reality when it comes to cloud adoption. The research, based on a survey of 272 global IT professionals, shows that despite the cloud’s promises of scalability and cost savings, the reality is mixed for many IT teams: only a quarter of those surveyed (25%) feel their organisation’s approach to the cloud is carefully considered and successful, while 23% admit their hybrid cloud strategy has created an overly complex IT environment. Despite this, less than a quarter (22%) of respondents have invested in external IT services to help with their cloud migration strategy.
In response to these cloud challenges, more than one in ten (16%) respondents have already repatriated workloads back to on-premises. Meanwhile, a further 12% acknowledge that poorly planned cloud transitions have already resulted in long-term financial impacts on their organisations. This goes to show that rushed cloud migrations can lead to costly fixes or reversals.
The data also indicates a lack of trust in cloud security, with nearly half (46%) of IT pros still storing their most sensitive data on-premises due to persistent security worries. However, the findings do highlight a continued focus on cloud strategies to reduce costs. Nearly a third (29%) of respondents say they are prioritising cloud migration to cut operational costs.
Commenting on the findings, Sascha Giese, Global Tech Evangelist at SolarWinds, said, “The truth is, managing complex hybrid-cloud ecosystems isn’t easy. While the cloud promises scalability and cost savings, the gap between expectation and execution is becoming increasingly evident. In this landscape, many businesses find themselves grappling with overly complex infrastructures that struggle to meet evolving needs.”
In a hybrid cloud world with increasingly complex networks, systems, devices, and applications, managing microservices and containers adds to the challenge. Without proper planning and comprehensive visibility, organisations risk finding themselves in a dire situation. Tool sprawl, information silos, and alert fatigue can all lead to an unpleasant cloud experience, making it harder to identify the root causes of complex issues.
“To overcome these challenges, IT leaders must adopt a more strategic and informed approach to cloud migration, focusing on tools that are reliable, secure, and accelerate modernisation. One key advantage businesses can leverage to successfully manage their hybrid cloud infrastructures is comprehensive observability. That means gaining real-time visibility into every layer of the IT estate and acting proactively with the assistance of machine learning algorithms and AI-driven analytics. Cloud infrastructure can be a powerful growth enabler, but with a mess of mismatched tools and poor visibility, it will be a bumpy ride,” added Giese.
Cloud
Fortinet Boosts Cloud Security by Introducing Lacework FortiCNAPP

Fortinet has announced the general availability of Lacework FortiCNAPP, a unified, AI-driven platform to secure everything from code to cloud from a single vendor. “Lacework FortiCNAPP is based on Lacework’s proven cloud-native application protection platform with tight integration with the Fortinet Security Fabric,” said John Maddison, Chief Marketing Officer at Fortinet. “We’re pleased to expand our cloud-native security offerings and provide the industry’s most comprehensive, full-stack cloud security platform that empowers teams to seamlessly eliminate risk across their multi-cloud environments.”
The introduction of Lacework FortiCNAPP offers additional benefits that extend beyond Lacework’s leading offering. These include automated remediation and blocking of active runtime threats and enhanced visibility into FortiGuard Outbreak Alerts, which provide key information about new and emerging threats and the risk they pose within an organization’s environment.
As customers continue to adopt cloud infrastructure and services, they are quickly realizing that traditional security tools simply lack the native capabilities required to address the scale, velocity, and dynamic nature of the cloud. Security teams are fundamentally challenged by the lack of time to address cloud security at scale due to limited cloud security knowledge, a proliferation of cloud security products that do little to help customers resolve issues, and an overwhelming number of security and compliance alerts.
With Lacework FortiCNAPP, Fortinet simplifies and strengthens cloud security with a unified platform from a single vendor that brings together multiple tools to significantly cut down the time to detect, prioritize, investigate, and respond to cloud-native threats. Lacework FortiCNAPP introduces a unique AI approach that never stops learning, maximizing cloud security with minimal time and effort for development, operations, and security teams by automatically connecting risk insights with runtime threat data, and ensuring that the most critical issues are prioritized and addressed.
Fortinet enables customers to address all their cloud security needs by delivering key features such as:
- A unified platform: Fragmented tools create complex, expensive, and limited protection. As a platform, Lacework FortiCNAPP provides full visibility from code to cloud and correlates build and runtime risk and threat data to prioritize what matters most.
- AI-based anomaly detection: Given that cloud threats evolve as quickly as the cloud itself, creating rules for every potential attack scenario is nearly impossible. Lacework FortiCNAPP’s AI-based anomaly detection allows security analysts to detect previously undefined attack patterns that traditional rules-based systems cannot accomplish.
- Integrated code security: Code security integrated with cloud security empowers teams to address issues at the earliest and most cost-effective stage in the application life cycle. By offering code security as an integral capability within the platform, customers can save time and money by fixing security issues, and reducing the risk of vulnerable applications and infrastructure while maintaining developer productivity and innovation velocity.
- Composite alerts: Lacework FortiCNAPP is unique in detecting early signs of active attacks by automatically correlating various signals into a single, high-confidence composite alert. The platform uses behavioural analytics, anomaly detection, in-house threat intelligence, and insights from cloud service provider activity logs and threat services to identify active attacks, including compromised credentials, ransomware, and crypto-jacking.
- Integrations with the Fortinet Security Fabric: Integrations with Fortinet solutions such as FortiSOAR enable customers to streamline their response to active runtime threats, such as compromised hosts and compromised access keys, through automated remediation playbooks. Additionally, its integration with FortiGuard Outbreak Alerts helps teams understand how Lacework FortiCNAPP delivers enhanced visibility and deeper insights into the latest threats and where the solution can disrupt potential attacks.
- Cloud Infrastructure Entitlement Management (CIEM): Lacework FortiCNAPP provides CIEM with complete visibility into cloud identities and their permissions. It automatically discovers identities, assesses net-effective permissions, and highlights excessive ones by comparing granted versus used permissions. Each identity is assigned a risk score based on more than 30 factors, helping prioritise high-risk identities. Lacework FortiCNAPP also offers automated remediation guidance for right-sizing permissions, ensuring least-privileged access.
-
Cyber Security1 week ago
Dubai Hosts GISEC 2025, Driving Billion-Dollar Cyber Growth
-
Cyber Security6 days ago
GISEC 2025 Launches OT Security Conference Amid 49% Infrastructure Attack Surge
-
Cyber Security1 week ago
DESC to Highlight Dubai’s Cyber Defense Strategies as GISEC 2025 Government Partner
-
Cyber Security1 week ago
GISEC Global 2025: A Vital Platform to Connect With Customers and Partners in the Region
-
Artificial Intelligence6 days ago
CyberKnight Partners with Ridge Security for AI-Powered Security Validation
-
Cyber Security1 week ago
Inside the Shadowy World of Investment Scams: How Fraudsters Use Facebook and Fake News
-
Cyber Security1 week ago
Rising Cyber Insurance Pressures Push UAE Firms to Fix Identity Silos and AI Vulnerabilities
-
Cyber Security6 days ago
Huawei Experts Reiterate the Importance of a Unified Cybersecurity Foundation at GISEC Global 2025