How NANO Corp is revolutionising network security with end-to-end observability

“There can be no security without observability,” says Fanch Francis. However, achieving observability in modern infrastructure environments is particularly difficult for a number of reasons, including the sheer number of service providers, multi-cloud environments, increasing data rates and siloed NOC and SOC teams using a variety of solutions.

Businesses face a number of challenges as they embark on their digital transformation, and failure to address them can have very costly consequences. For example, a single hour of downtime in a data centre can cost up to $300,000 (€274,000).

According to Francis, observability is the ability to see, understand and monitor a network effectively. The main goals are to keep it running smoothly and ensure it is secure. This becomes especially important when an attacker’s average detection time, known as “dwell time”, is 9 months.

Trend towards hybrid networks

“Whether they are industrial, virtual, used for data centres, telecoms or the cloud, networks have always coexisted, but in distinct ways. What’s changing today is their increasing hybridisation,” explains Fanch Francis. Public and private companies are now increasingly expected to manage networks that are both on prem and on cloud and support peripheral and central systems or information technology and operational technology.

Complexity of network segments and wide range of specialist providers

One of the characteristics of these network segments is the wide range of providers, each specialising in managing a particular segment. “For each segment, there are myriad companies that are highly specialised in that specific area. However, when two segments converge, it becomes very difficult to find a solution that provides end-to-end coverage. The challenge for companies is to find a solution with unified monitoring,” says Fanch Francis.

Rapidly increasing data rates and performance expectations

This end-to-end observability becomes even more critical as data rates and performance expectations continue to rise, particularly in the operational technology and data centre segments. “If we look specifically at the core data centre, the standard is evolving. It is moving from 40 Gbit/s to 100 Gbit/s, resulting in a shortfall in capability due to generation effects. To avoid any blind spots, we need to cover an entire network across all its segments, standards and technologies,” says Fanch Francis.

Capabilities also need to be merged at team level. The days when infrastructure and network architecture specialists and security experts never communicated are long gone. “With the development of DevSecOps skills in particular, teams are becoming as hybrid as the networks they manage. As a result, they need to be observable from the perspective of quality of service and performance, and from the perspective of security. A lack of performance can be an indicator of an attack, and vice versa,” Fanch Francis adds.

Cybersecurity: the power of complementary solutions

It is essential for CIOs and CISOs to recognise that there is no single, totally autonomous cybersecurity solution. Today’s enterprise cybersecurity landscape is a mix of complementary tools that interact with each other.

“Famous as they are, standalone tools such as endpoint detection and response (EDR) have their limits. By its very nature, EDR is an ‘active agent on a known machine’. As an active agent, it has the potential to become an attack vector. And the fact that it is limited to a known machine means that shadow IT, orphaned and unmanageable machines, as well as IoT and IIoT devices, are not covered. As a result, network detection and response (NDR) makes a significant contribution to end-to-end enterprise security, forming part of the SOC Visibility Triad of SIEM (security information and event management), EDR and NDR,” explains Fanch Francis.

Observability platforms: a booming market

The value of the worldwide market for observability platforms is expected to grow from $2.17 billion (€1.9 billion) in 2022 to $5.55 billion (€5 billion) by 2032, at a compound annual growth rate of 8.2%, according to research firm Future Market Insights.

North America dominates the sector with a market share of 32.9%. Sales in Europe were $115.7 million (€105 million) in 2022, giving it a market share of 30.7%. Its compound annual growth rate is expected to be 4.2% over the forecast period.

The observability solutions segment dominates the market, with a 56% share in 2021. This growth is due to the widespread adoption of these solutions in various industries such as finance, manufacturing and infrastructure equipment. The public sector, however, is expected to see the highest growth rate (18.1%).

At a time when cyber threats are escalating and networks are becoming increasingly complex, there has never been a more crucial time to adopt robust, integrated observability solutions.