Network vs Cybersecurity: It’s Time to Come Together
Today, IDG and BlueCat introduced the results of a comprehensive study that revealed just how deeply divided today’s network and cybersecurity teams are. The study, called “A House Divided” concludes that 86% of network and cybersecurity professionals surveyed believe their organization has suffered repercussions, including increased security breaches and data loss, due to lack of collaboration between these two departments.
That’s a tough stat to swallow for IT executives and CISOs deep in an increasingly sophisticated conflict against cyber criminals. While they’re out securing funding, recruiting talent, and obtaining the most sophisticated cybersecurity tools, trouble is brewing on the home front: 55% of respondents don’t believe there is a high level of trust between cybersecurity and business network teams. Perhaps IT leaders need to focus their attention on winning hearts and minds, first.
The issue comes down to two functions working for the good of the organization, but fundamentally at odds with one another. As one BlueCat customer pointed out: “Network delivers every single packet. Cybersecurity ensures every single packet isn’t delivered. We’re learning to live with each other.” Well said.
Collaboration is your company’s business
On top of these conflicting missions there are a variety of other organizational challenges that contribute to these trust issues. For example, survey respondents bemoan a fundamental lack of understanding of their job by their counterparts in cybersecurity or networking. Certainly there’s some jealousy or even resentment at work here. Cybersecurity is ‘boardroom material’ – heck, it drives the news cycle – and budgets have ballooned over the last decade as organizations strive to keep ahead of the bad guys. Not so with networking.
Similarly, there is disagreement over ownership of several core aspects of network security. Policy enforcement, event prevention, threat detection, and event mitigation in many cases are not assigned to one team or the other, creating a ‘tug of war’ between the two. One BlueCat customer nicely summarized how this problem plays out in order to just update the network firewall: “Because it’s two different organizations with different approval chains, it requires 2 different change requests … it just takes more work to coordinate with each other, and a greater chance something might go wrong due to miscommunication.” One has to wonder if this kind of ponderous change management process between two separate functions can keep up with the speed at which today’s cyber-attacks materialize and spread.
The solution is crystal clear
Alas, there’s a ray of hope. Despite the dysfunction this research documents, a clear path forward emerges: shared visibility over network data. Simply being able to see what’s happening on the network significantly increases the level of trust between the two orgs, and can remove some of the emotional barriers to cooperation. In fact, even though just 37% of respondents say that the cybersecurity team has complete visibility into the network, that’s changing quickly. Three out of four say that requests for visibility into network data by cybersecurity is on the rise and it’s clearly having an impact. Those that indicate their organizations are very well-equipped to protect the network from future cybersecurity attacks are significantly more likely to report that the security team has complete visibility into the network.
How these two functions evolve is still a matter of speculation. They may stay as two separate organizations or merge into a larger team with a clear mandate. But it seems that the present course of action is unsustainable – simmering disagreements, turf wars and resentment are being fueled by a lack of alignment and collaboration. And that may just turn out to be the biggest threat to network security yet.
Critical conversations on critical infrastructure
Find out how your peers are managing their networks through profound change. Watch this series of live interactive discussions with IT pros & join the debate in Slack.
SUNBURST/Solorigate Situation Briefing
BlueCat leaders discuss how the malware attack via SolarWind’s Orion platform exploited DNS and how BlueCat Edge could have helped to detect it.
React faster at the wire with BlueCat and ExtraHop
With the BlueCat ExtraHop Plugin, automatically create missing PTR records, and detect and react to security threats before they reach DNS servers.
Customer situation brief on SUNBURST/Solorigate
Learn more about the attack via the SolarWinds Orion platform and how BlueCat products use DNS to help protect customers against compromises like it.
Sync ServiceNow tickets and IPAM with CMDB Plug-In
With BlueCat’s ServiceNow Configuration Management Database, admins can break the silos between ServiceNow and IPAM to improve IT ticket fulfillment.