State of Security 2025: Network & Infrastructure

proudly sponsored by
Sekuro
Auscert
Brennan
Saviynt
Sysdig
Logicalis
Lumen
Gigamon

It’s been many years since on-premises network infrastructure was the primary asset that a security professional needed to protect. As the complexity of technology architecture has evolved, so too have the threats that are levelled against it.

Over the past decade infrastructure and network security specialists have invested in a variety of architectures and technologies, from Virtual Private Networks (VPNs) and Zero Trust

Architecture (ZTA) to network segmentation, and Secure Access Service Edge (SASE) services, along with a vast range of tools for threat detection and identity management.

These investments have been necessary to protect networks whose complexity has exploded thanks to the greater propensity for users to access services from anywhere, and to the number of endpoints having also leapt dramatically thanks to the Internet of Things.

 

Now the challenges for network security professionals are being further compounded by a rise in supply chain attacks, which are requiring more stringent assessments of the risks within with the tools they rely on. Gartner has predicted that this year will see 45 percent of organisations worldwide experience attacks on their software supply chains – a three-fold increase from 2021.

If that wasn’t enough, there is the ever-present spectre of artificial intelligence, which plays the role both as a villain when in the control of newly empowered attackers, or as a saviour when incorporated into defensive strategies and tools.

With so much happening in the world of network architecture, it’s little wonder that Fortune Business Insights valued the global network security market at US$24.5 billion ($38.5 billion) in 2024, with predictions it will grow to US$72.9 billion ($114.2 billion) by 2032. And this is despite the accompany massive growth in cloud ecosystems.

According to Gartner’s research vice president for cloud security and security operations, Craig Lawson, the growth of cloud and SaaS solutions has done little to affect spending on security in the on-premises world.

“I think there is probably tens of billions of that stuff lying around, and the vendors are still reporting healthy product sales,” Lawson said. “The pot of gold is growing slowly but the form factors are moving around.”

According to Gartner, one of the strongest areas of disruption is presented by AI, which has the potential to enable transformation in security while embedding resilience into the organisation. Gartner has found that many security leaders have achieved early success through pilot programs that are creating momentum for additional incremental security implementations.

Gartner also found that AI could assist by maturing of security behaviour and cultural programs within organisations, while offering guidance and guardrails for the increased use of autonomous AI security technology.

At the same time, security professionals also need to be hardening protections for assets that traditionally have been off the radar of attackers – the industrial control systems that are used to manage assembly lines, utility networks, and building control systems - with many attacks making the leap from connected IT systems.

All of which suggest the ongoing efforts to defend networks and infrastructure remaining a complex and evolving battle.

University of Queensland puts emphasis on infrastructure assets

University of Queensland has placed considerable emphasis on network and infrastructure security and, according to its director of cyber security and AUSCERT director David Stockdale, it is “starting to see good results from this work.”

“We are actively looking at how we manage our asset base, right from discovery through to the end of the life cycle and decommissioning,” Stockdale said.

“Most of the security issues in this area are down to vulnerabilities, and the fact that we have a lot of asset means that quite often you can have a lot of active vulnerabilities.

“Understanding where those vulnerabilities are, and understanding the additional controls you may have to protect the organisation whilst the vulnerability is unpatched is key; but we are a large organisation and like many, this is a challenge that continues.”

Browse by Category

Click on the tiles below to see how each of the categories are responding to security threats in their sector.

Security Champions

The 2025 State of Security sponsors have worked tirelessly to improve the safety of end user organisations.

We are proud to present this year's State of Security champions, and showcase the work they do.

Sekuro
Auscert
Brennan
Saviynt
Sysdig
Logicalis
Lumen
Gigamon

Log In

  |  Forgot your password?