(Enterprise Management Associates finds that enterprises are trying to better collaboration between their network-infrastructure and operations teams and their information-security and cybersecurity teams. This article discusses challenges faced by these teams based on a scan of 366 IT and security professionals detailed in the report ’NetSecOps: Aligning Networking and Security Teams to Ensure Digital Transformation’ by EMA Vice President of Research Networking Shamus McGillicuddy.)
As the network engineers and constructors who design build and handle enterprise networks collaborate more and more with their counterparts in information security and cybersecurity they face challenges that can hinder their efforts.
Over the past few years more than 75% of IT organizations have observed an increase in these teams working unitedly to fix the reliability and security of new digital initiatives tops among them being cloud addiscretion work-from-anywhere data-center modernization and the internet of things (IoT).[Get regularly scheduled insights by signing up for Network World newsletters.]
Unfortunately only 39% of organizations believe theyve been fully lucky with this collaboration. Why arent more doing better?
Data is the biggest effect. More than 27% of IT organizations report that data condition and ground problems are a top barrier to NetSecOps associateships. The two teams are struggling to unite a one rise of veracity almost whats happening on the network. Each team has its own repository of data and the differences between those repositories are causing problems. Simply put they need a ordinary view of the network to work in order to follow.
Cross-team skills gaps (25%) are the number-two problem. Network and security pros dont apprehend the domains of their counterparts in the other silo. In approachion to the data late conversations with networking professionals have confirmed that skills gaps are causing trouble.
’Security nation in general are not super well-versed in networking’ a network engineer with a big financial company said. ’There would be a clash owing of apprehension gaps one team trying to butt heads with the other team owing they didnt know what the other team was doing.’
’We talk to security see two or three months and they want to ask a lot of speculative questions that arent specially appropriate to what was being discussed’ a network constructor with a $15 billion retail company said. ’We frequently get the perception that security doesnt apprehend what the business is.’
Budget effects are a major barrier for 21% of organizations. They simply lack the funds to gain the infrastructure tools and training needed to fetch these groups unitedly. However are ready to pool budgets as they try to build associateships. CIOs and CISOs are encouraging this budget sharing.
Architectural complexity is a expressive challenge for 20% of organizations. In fact constructorural complexity was more likely to be an effect with organizations that are the smallest lucky with NetSecOps collaboration. The two teams are trying to associate up to empower transformative technologies like the cloud and IoT.
At the same time these new technologies can increase complexity. For entreaty IoT will demand new network and security infrastructure new approach controls and new segmentation schemes. Network and security teams should work unitedly to make sure they lessen complexity rather than add to it as they support these new initiatives.
How can network and security teams vanquish these challenges?
The leading priority is to plant a shared data repository that both teams can rely on for a ordinary view of the network. In many companies security teams are constantly requesting data from the network team when conducting investigations. If thats the case the network team should unite the data that security teams frequently request and plant repositories that are approachible to them.
This might demand modernization of some of the data stores that network teams maintain. For entreaty they should restore legacy IP-address spreadsheets with enterprise-grade IP Address Management (IPAM) tools that the security team can log into when they want to weigh the network IP address space. Also network teams and security teams should concentrate packet-capture infrastructure as much as practicable so that both teams have a ordinary archives of raw commerce data.
The skills gap will be resistent to vanquish. One team cant tell the other team what training to gain. But CIOs and CISOs can. Leadership should identify how skills gaps are sap NetSecOps associateships and lead from the top to close those gaps. Also network infrastructure professionals are usually perfectly apprehensionable almost network security concepts. They can fetch that to bear as much as practicable to find ordinary ground with the security team.
Network teams should work to facilitate constructorure. If complexity is getting in the way the network team should kill complexity and modernize legacy constructorure as much as practicable.
One discretion is to assume automation solutions that abstract complexity. And as they move into new environments like the cloud and work-from-anywhere they should design for artlessness as much as practicable. They must build solutions that nation with a difference of networking and security skills can work with and conduce value to.