(Enterprise Management Associates finds that enterprises are trying to improve collaboration between their network-infrastructure and operations teams and their information-security and cybersecurity teams. This article discusses challenges faced by these teams based on a survey of 366 IT and security professionals detailed in the report “NetSecOps: Aligning Networking and Security Teams to Ensure Digital Transformation”, by EMA Vice President of Research Networking Shamus McGillicuddy.)
As the network engineers and architects who design, build, and manage enterprise networks collaborate more and more with their counterparts in information security and cybersecurity, they face challenges that can hamper their efforts.
Over the past few years, more than 75% of IT organizations have observed an increase in these teams working together to ensure the reliability and security of new digital initiatives, tops among them being cloud adoption, work-from-anywhere, data-center modernization, and the internet of things (IoT).
Unfortunately, only 39% of organizations believe they’ve been fully successful with this collaboration. Why aren’t more doing better?
The need for quality data
Data is the biggest issue. More than 27% of IT organizations report that data quality and authority problems are a top barrier to NetSecOps partnerships. The two teams are struggling to identify a single source of truth about what’s happening on the network. Each team has its own repository of data, and the differences between those repositories are causing problems. Simply put, they need a common view of the network to work in order to succeed.
Lack of common skills
Cross-team skills gaps (25%) are the number-two problem. Network and security pros don’t understand the domains of their counterparts in the other silo. In addition to the data, recent conversations with networking professionals have confirmed that skills gaps are causing trouble.
“Security people in general are not super well-versed in networking,” a network engineer with a large financial company said. “There would be a clash because of knowledge gaps, one team trying to butt heads with the other team because they didn’t know what the other team was doing.”
“We talk to security every two or three months, and they want to ask a lot of theoretical questions that aren’t particularly relevant to what was being discussed,” a network architect with a $15 billion retail company said. “We often get the sense that security doesn’t understand what the business is.”
Lack of money for resources
Budget issues are a major barrier for 21% of organizations. They simply lack the funds to acquire the infrastructure, tools, and training needed to bring these groups together. However, are willing to pool budgets as they try to build partnerships. CIOs and CISOs are encouraging this budget sharing.
Complexity is an enemy
Architectural complexity is a significant challenge for 20% of organizations. In fact, architectural complexity was more likely to be an issue with organizations that are the least successful with NetSecOps collaboration. The two teams are trying to partner up to enable transformative technologies like the cloud and IoT.
At the same time, these new technologies can increase complexity. For instance, IoT will require new network and security infrastructure, new access controls, and new segmentation schemes. Network and security teams should work together to make sure they reduce complexity, rather than add to it, as they support these new initiatives.
How can network and security teams overcome these challenges?
Common data repositories
The first priority is to establish a shared data repository that both teams can rely on for a common view of the network. In many companies, security teams are constantly requesting data from the network team when conducting investigations. If that’s the case, the network team should identify the data that security teams frequently request and establish repositories that are accessible to them.
This might require modernization of some of the data stores that network teams maintain. For instance, they should replace legacy IP-address spreadsheets with enterprise-grade IP Address Management (IPAM) tools that the security team can log into when they want to examine the network IP address space. Also, network teams and security teams should centralize packet-capture infrastructure as much as possible so that both teams have a common record of raw traffic data.
C-level push for better training
The skills gap will be tough to overcome. One team can’t tell the other team what training to acquire. But CIOs and CISOs can. Leadership should recognize how skills gaps are undermine NetSecOps partnerships and lead from the top to close those gaps. Also, network infrastructure professionals are usually quite knowledgeable about network security concepts. They can bring that to bear as much as possible to find common ground with the security team.
Simplify the architecture
Network teams should work to simplify architecture. If complexity is getting in the way, the network team should kill complexity and modernize legacy architecture as much as possible.
One option is to adopt automation solutions that abstract complexity. And as they move into new environments like the cloud and work-from-anywhere, they should design for simplicity as much as possible. They must build solutions that people with a variety of networking and security skills can work with and contribute value to.
READ MORE HERE