How Internal Dysfunction is Putting Your Network at Risk

In a recent report by IDG, it was found that 86% of organizations have suffered repercussions, including increased security breaches and data loss, due to lack of collaboration between these two departments.

Two IT professionals separated by a torn divide, illustrating misalignment between network and security teams
Key takeawaysThis key takeaway was generated through LLMs crawling the page and coming up with an overview of the content.

This video discusses the disconnect between network and security teams over access to DNS information, explaining how security needs visibility to detect anomalies while network teams resist giving change control to avoid impacting uptime. It outlines the real-world problem of operational friction that can delay threat detection and increase risk, within enterprise DNS/DHCP environments where changes can affect service availability. The video highlights approaches to bridge the divide—providing security teams the DNS visibility they need without relinquishing network change control—so organizations can improve detection and maintain network stability.

Why do security teams want access to DNS information, and what risks arise if they are denied?

Security teams want access to DNS data so they can search logs for anomalies and patterns that indicate compromise, data exfiltration, or malware communications. Without that visibility, threat detection is delayed or less effective because analysts cannot correlate DNS behavior with other indicators. Denying access increases operational risk by creating blind spots, allowing threats to persist longer and reducing the organization’s ability to respond quickly while also forcing insecure workarounds such as ad hoc data requests or shadow copies of DNS records.

Why are network teams reluctant to give security teams direct change access to DNS, and what operational impact does that concern reflect?

Network teams resist giving security personnel change control because DNS and DHCP configurations directly affect network uptime and service availability; unauthorized or mistaken changes can cause outages. This reluctance reflects the operational priority of maintaining stable production networks and minimizing change-related incidents. The consequence is a governance tension: protecting uptime leads network teams to tightly control configuration, which can impede security investigations and slow incident response when rapid DNS-based remediation or hunting would be beneficial.

What solution does the video suggest to resolve the divide between network and security teams?

The video suggests creating a process and tooling that provide security teams with the DNS visibility they need without giving them the ability to make live network changes. This approach maintains network stability by preserving network team control over production configurations while enabling security analysts to search DNS data for anomalies and patterns. Implementing such a separation of visibility and change authority reduces operational friction, improves detection capabilities, and prevents risky workarounds that could otherwise harm uptime.

Network teams and security teams don’t always see eye to eye. Security teams want access to DNS information so they can search for anomalies and patterns. Network teams don’t want the security team making changes which would impact network uptime. In this video, we run through the negative impact this divide has on networks, and what you can do about it.

📣  Now live: Explore BlueCat Horizon, our SaaS-first Intelligent NetOps platform.