Network vs Cybersecurity: It’s Time to Come Together
Today, IDG and BlueCat introduced the results of a comprehensive study that revealed just how deeply divided today’s network and cybersecurity teams are. The study, called “A House Divided” concludes that 86% of network and cybersecurity professionals surveyed believe their organization has suffered repercussions, including increased security breaches and data loss, due to lack of collaboration between these two departments.
That’s a tough stat to swallow for IT executives and CISOs deep in an increasingly sophisticated conflict against cyber criminals. While they’re out securing funding, recruiting talent, and obtaining the most sophisticated cybersecurity tools, trouble is brewing on the home front: 55% of respondents don’t believe there is a high level of trust between cybersecurity and business network teams. Perhaps IT leaders need to focus their attention on winning hearts and minds, first.
The issue comes down to two functions working for the good of the organization, but fundamentally at odds with one another. As one BlueCat customer pointed out: “Network delivers every single packet. Cybersecurity ensures every single packet isn’t delivered. We’re learning to live with each other.” Well said.
Collaboration is your company’s business
On top of these conflicting missions there are a variety of other organizational challenges that contribute to these trust issues. For example, survey respondents bemoan a fundamental lack of understanding of their job by their counterparts in cybersecurity or networking. Certainly there’s some jealousy or even resentment at work here. Cybersecurity is ‘boardroom material’ – heck, it drives the news cycle – and budgets have ballooned over the last decade as organizations strive to keep ahead of the bad guys. Not so with networking.
Similarly, there is disagreement over ownership of several core aspects of network security. Policy enforcement, event prevention, threat detection, and event mitigation in many cases are not assigned to one team or the other, creating a ‘tug of war’ between the two. One BlueCat customer nicely summarized how this problem plays out in order to just update the network firewall: “Because it’s two different organizations with different approval chains, it requires 2 different change requests … it just takes more work to coordinate with each other, and a greater chance something might go wrong due to miscommunication.” One has to wonder if this kind of ponderous change management process between two separate functions can keep up with the speed at which today’s cyber-attacks materialize and spread.
The solution is crystal clear
Alas, there’s a ray of hope. Despite the dysfunction this research documents, a clear path forward emerges: shared visibility over network data. Simply being able to see what’s happening on the network significantly increases the level of trust between the two orgs, and can remove some of the emotional barriers to cooperation. In fact, even though just 37% of respondents say that the cybersecurity team has complete visibility into the network, that’s changing quickly. Three out of four say that requests for visibility into network data by cybersecurity is on the rise and it’s clearly having an impact. Those that indicate their organizations are very well-equipped to protect the network from future cybersecurity attacks are significantly more likely to report that the security team has complete visibility into the network.
How these two functions evolve is still a matter of speculation. They may stay as two separate organizations or merge into a larger team with a clear mandate. But it seems that the present course of action is unsustainable – simmering disagreements, turf wars and resentment are being fueled by a lack of alignment and collaboration. And that may just turn out to be the biggest threat to network security yet.
10 best Ansible modules for infrastructure as code
10 (plus a bonus) Ansible automation modules that anyone—from a beginner to a power user—can leverage to transform their network infrastructure to code.
NSA and CISA: Protective DNS key to network defense
U.S. cyber agencies now point to protective DNS as a defense strategy, confirming what BlueCat already knew: DNS is critical to detecting network threats.
BlueCat Blueprint for AWS
Instructions provided allow BlueCat Address Manager (BAM) and BlueCat Gateway to discover and import data from an Amazon cloud environment.
SUNBURST/Solorigate Situation Briefing
BlueCat leaders discuss how the malware attack via SolarWind’s Orion platform exploited DNS and how BlueCat Edge could have helped to detect it.