Cómo la disfunción interna está poniendo en riesgo tu red

En un informe reciente de IDG, se constató que el 86 % de las organizaciones han sufrido repercusiones, como un aumento de las brechas de seguridad y la pérdida de datos, debido a la falta de colaboración entre estos dos departamentos.

Two IT professionals separated by a torn divide, illustrating misalignment between network and security teams
Puntos claveEsta idea clave se generó mediante modelos de lenguaje grande (LLM) que rastrearon la página y elaboraron un resumen del contenido.

Este vídeo aborda la desconexión entre los equipos de red y de seguridad en lo que respecta al acceso a la información del DNS, y explica cómo el equipo de seguridad necesita visibilidad para detectar anomalías, mientras que los equipos de red se resisten a ceder el control de los cambios para evitar que se vea afectado el tiempo de actividad. Describe el problema real de la fricción operativa que puede retrasar la detección de amenazas y aumentar el riesgo, dentro de entornos empresariales de DNS/DHCP en los que los cambios pueden afectar a la disponibilidad del servicio. El vídeo destaca estrategias para salvar esta brecha —proporcionando a los equipos de seguridad la visibilidad del DNS que necesitan sin ceder el control de los cambios en la red— para que las organizaciones puedan mejorar la detección y mantener la estabilidad de la red.

Why do security teams want access to DNS information, and what risks arise if they are denied?

Security teams want access to DNS data so they can search logs for anomalies and patterns that indicate compromise, data exfiltration, or malware communications. Without that visibility, threat detection is delayed or less effective because analysts cannot correlate DNS behavior with other indicators. Denying access increases operational risk by creating blind spots, allowing threats to persist longer and reducing the organization’s ability to respond quickly while also forcing insecure workarounds such as ad hoc data requests or shadow copies of DNS records.

Why are network teams reluctant to give security teams direct change access to DNS, and what operational impact does that concern reflect?

Network teams resist giving security personnel change control because DNS and DHCP configurations directly affect network uptime and service availability; unauthorized or mistaken changes can cause outages. This reluctance reflects the operational priority of maintaining stable production networks and minimizing change-related incidents. The consequence is a governance tension: protecting uptime leads network teams to tightly control configuration, which can impede security investigations and slow incident response when rapid DNS-based remediation or hunting would be beneficial.

What solution does the video suggest to resolve the divide between network and security teams?

The video suggests creating a process and tooling that provide security teams with the DNS visibility they need without giving them the ability to make live network changes. This approach maintains network stability by preserving network team control over production configurations while enabling security analysts to search DNS data for anomalies and patterns. Implementing such a separation of visibility and change authority reduces operational friction, improves detection capabilities, and prevents risky workarounds that could otherwise harm uptime.

Network teams and security teams don’t always see eye to eye. Security teams want access to DNS information so they can search for anomalies and patterns. Network teams don’t want the security team making changes which would impact network uptime. In this video, we run through the negative impact this divide has on networks, and what you can do about it.

📣  Now live: Explore BlueCat Horizon, our SaaS-first Intelligent NetOps platform.