The silent intruder: Inside your cybersecurity blind spots


Imagine discovering someone has been secretly living in your house, wandering from room to room, helping themselves to your food, and subtly shifting your possessions, without you ever noticing.

This eerie phenomenon, known as “phrogging,” can persist for weeks, even months. Now, translate this to your enterprise network. Most security teams focus on locking the doors and watching who comes in and out: the North-South traffic crossing the perimeter. The problem is that once an intruder gets past your defences, they move quietly across servers, workloads, and containers, along the network’s hallways: the East-West lanes.

The chilling question is: Would you even notice?

APAC: a growing risk landscape

With the rise of cloud computing and microservices, East-West traffic has grown to rival, or in some cases exceed, North-South traffic within data centres, creating more opportunities for attackers to move laterally unnoticed.

The urgency of East-West visibility is clear across APAC. According to the Gigamon 2025 Hybrid Cloud Security Survey, 72% of security and IT leaders in Singapore prioritise East-West (or lateral) visibility over traditional North-South monitoring for cloud security. Yet nearly half (47%) lack confidence in detecting malicious movement within their networks using current tools. This is a critical gap. Despite increased investments to secure their perimeters, over half (51%) of Singaporean respondents reported breaches in the past year.

Regionally, the situation is just as alarming. Sophisticated attacks increasingly exploit East-West blind spots. In APAC, system intrusions now account for 80% of breaches, more than doubling from 38% the previous year, according to Verizon’s 2025 Data Breach Investigations Report. Malware was involved in 83% of cases, and ransomware in 51% of incidents.

A stark example occurred in June 2024, when Indonesia’s National Data Centre suffered a LockBit ransomware attack that disrupted critical services, including airport immigration systems, and impacted over 200 public agencies. Once inside the government cloud, attackers moved laterally across systems, infecting machines with malware, deleting files, and disabling services, underscoring the severe threat posed by East-West movement.

Compounding these risks are third-party vulnerabilities. In the Philippines, 84.5% of enterprises experienced at least one supply chain breach in 2024, with nearly a third unable to detect compromises originating from their vendors, according to a study conducted by cybersecurity firm BlueVoyant. This highlights that blind spots extend beyond individual networks, making East-West visibility critical not only internally but across extended ecosystems to detect and contain lateral threats before they spread.

Why conventional telemetry falls short

Security operations centres (SOCs) have long relied heavily on telemetry — signals like metrics, events, logs, and traces that provide insights into system activity and performance. These signals are essential, but also fragile. Logs can be deleted or never created, agents disabled, and the sheer volume of events from containerised environments can drown out real threats. Attackers know this and use legitimate admin tools, short bursts of encrypted traffic, and carefully timed data exfiltration to evade detection.

Unlike logs, network packets can’t be tampered with. This is the principle behind deep observability: complementing traditional signals with real-time, unfiltered data from across your systems, both in the cloud and on-premises, to give security and performance teams a clearer, more complete picture of what’s going on.

Building East-West visibility: a new playbook

Modern threats demand a new security playbook: one built not just around stronger perimeters but around full visibility inside the network. East-West traffic is central to this shift. Today’s most dangerous threats range from ransomware to advanced persistent threats (APTs), which unfold over time and are often executed by well-resourced (and patient) attackers. They move laterally across systems and exploit blind spots between workloads, clouds, and containers while traditional defences look the other way.

In this new playbook, organisations begin by capturing internal traffic from virtual machines, cloud environments, and containers, and feeding it into a unified pipeline. This pipeline filters out noise, de-duplicates packets, and adds context, turning large volumes of raw data into focussed, actionable intelligence without sacrificing forensic detail.

Think of it as transforming raw footage into a highlights reel, surfacing only what matters most to incident responders.

A major barrier to this visibility used to be encryption, which often conceals malicious activity. However, modern security solutions now decrypt traffic in transit for inspection and re-encrypt it before delivery, helping uncover hidden threats without compromising privacy or overwhelming security tools. Armed with this enriched dataset, security teams can detect low-and-slow behaviours typical of APTs: unauthorised lateral access, suspicious file movements, or unusual spikes in outbound encrypted traffic. These early signals are often invisible to traditional tools.

This deeper visibility also strengthens incident response. Teams can trace the path of an attack across internal systems, enabling faster containment and reduced dwell time.

Most importantly, East-West observability supports zero-trust practices. It validates segmentation policies, detects misconfigurations, and helps close internal blind spots. In a Gigamon-commissioned survey, 90% of Singaporean respondents linked deep observability (defined as the combination of log data with network telemetry) to successful zero-trust implementation. This suggests the approach is increasingly seen as a foundational element of modern cyber resilience.
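The pipeline step described earlier (de-duplicating traffic captured at several points) and the segmentation check described above can be sketched as follows. This is an added example, not code from the article or from any vendor product; it works on flow records rather than raw packets, and the subnets, policy, tap names and records are all constructed.

```python
import ipaddress

# Constructed segments and policy (assumptions, not from the article).
SEGMENTS = {
    "web": ipaddress.ip_network("10.0.1.0/24"),
    "app": ipaddress.ip_network("10.0.2.0/24"),
    "db": ipaddress.ip_network("10.0.3.0/24"),
}
# Allowed (source segment, destination segment, destination port) tuples.
ALLOWED = {("web", "app", 8443), ("app", "db", 5432)}

# Constructed flow records: (timestamp, tap point, src, dst, dst port).
FLOWS = [
    (100.0, "tap-a", "10.0.1.10", "10.0.2.20", 8443),
    (100.2, "tap-b", "10.0.1.10", "10.0.2.20", 8443),   # same flow, second tap
    (101.0, "tap-a", "10.0.2.20", "10.0.3.30", 5432),
    (130.0, "tap-a", "10.0.1.10", "10.0.3.30", 445),    # web -> db, not in policy
    (130.3, "tap-b", "10.0.1.10", "10.0.3.30", 445),    # duplicate of the above
    (140.0, "tap-a", "10.0.1.10", "203.0.113.5", 443),  # leaves the network
]

def segment_of(ip):
    """Return the internal segment name for an address, or None if external."""
    addr = ipaddress.ip_address(ip)
    return next((n for n, net in SEGMENTS.items() if addr in net), None)

def dedupe(flows, window=1.0):
    """Keep one copy of a flow seen at several tap points within `window` seconds."""
    last_kept, unique = {}, []
    for ts, tap, src, dst, dport in sorted(flows):
        key = (src, dst, dport)
        if key in last_kept and ts - last_kept[key] <= window:
            continue
        last_kept[key] = ts
        unique.append((ts, tap, src, dst, dport))
    return unique

def violations(flows):
    """Return de-duplicated East-West flows that the segmentation policy does not allow."""
    found = []
    for ts, tap, src, dst, dport in dedupe(flows):
        s, d = segment_of(src), segment_of(dst)
        if s is None or d is None or s == d:
            continue  # North-South or same-segment traffic: outside this policy
        if (s, d, dport) not in ALLOWED:
            found.append({"ts": ts, "src": src, "dst": dst, "dport": dport, "path": f"{s}->{d}"})
    return found

if __name__ == "__main__":
    for v in violations(FLOWS):
        print(v)
```

On the constructed records, the six captured flows reduce to four after de-duplication, and the single web-to-db connection on port 445 is the only one reported.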

Why East-West visibility is essential for modern security

East-West visibility is often seen as a technical task, but its impact is fundamentally strategic. No one would knowingly tolerate a stranger secretly living in their home, quietly raiding the fridge, sleeping in their bed, slipping through rooms unnoticed. Yet this is precisely the kind of silent intrusion many organisations risk by overlooking East-West visibility in their security strategy.

The message for APAC leadership is clear: Locking the front door is no longer enough.

By turning on the lights wherever data moves, organisations remove the intruder’s advantage. According to the Gigamon 2025 Hybrid Cloud Security Survey, 88% of Singaporean security leaders say deep observability is now being discussed at the board level to better secure hybrid cloud infrastructure.

Deep observability addresses this critical blind spot by providing visibility into internal network activity, including encrypted traffic where malicious behaviour often hides. In doing so, organisations can detect threats earlier, respond faster, and operate more precisely.

For those navigating today’s complex digital landscape, East-West visibility is no longer optional. It is the foundation of a resilient security posture. Because in cybersecurity, just like in your home, true safety is not only about a locked door, but about knowing what is happening inside every single room.
