The growing reliance on hybrid IT infrastructures that support cloud-based applications and a largely remote workforce is creating security and network performance challenges for many businesses. According to a study in a recent white paper by The Enterprise Strategy Group (ESG), 85% of organizations believe that network security is more difficult today than it was two years ago.
Titled “Network Security Without Borders: A Common Technology Stack for Network Security and Operations,” the study cites several factors contributing to the growing network security challenge:
- Increasingly sophisticated cyber threat tools. Monitoring cyber threats, correlating cyber threat intelligence with internal security telemetry, and keeping abreast of the tactics, techniques and procedures used by adversaries is not easy. The reality is that malicious actors have an ever-growing range of innovative and complex tools, including artificial intelligence. Meanwhile, targeted businesses are often unfamiliar with the impending threats and do not have sufficient protections in place to mitigate the risk.
- Expanding attack surface. With an increasing number of components such as home users, mobile devices, sanctioned/unsanctioned cloud applications, and Internet of Things (IoT) devices, enterprises must defend an ever-growing attack surface. This forces security teams to know what’s connected to the network, scan for vulnerable assets, monitor network traffic, and fine-tune security controls.
- Increasingly complex network security technology. The ESG article notes that a third of security professionals believe network security has become more difficult due to the increase in the number of disparate network security tools needed to deal with different threat vectors and use cases. With an increasing attack surface, deploying, configuring, and operating an assortment of network security point tools will become increasingly cumbersome.
- Cybersecurity skills shortages. According to the ESG study, 23% of IT security departments are understaffed. These departments tend to be overwhelmed by the scope and complexity of cybersecurity.
We’ve met the enemy… and it’s us
These four challenges add to an already difficult job, as differing goals and objectives often hamper the ability of network security and IT operations teams to collaborate and communicate closely. Network teams typically focus on availability and mean time between failures, while security teams target visibility and metrics such as mean time to detection, mean time to respond, and mean time to acknowledge. This tends to create more friction and finger-pointing instead of collaboration and cooperation. Unless the right controls are in place, the two groups can end up working at cross purposes. And because security and network operations teams tend to rely on manual processes, handovers and process management can be cumbersome and inefficient.
Additionally, IT and security teams frequently work with different tools and rely on separate data as sources of truth. As a result, IT and security teams end up with different views of the reality of the network, leaving each group without critical information needed to keep the network secure and operating at peak performance.
To ensure security and operational success, companies must resolve friction between the two groups. This means making sure they have cohesive goals, unified processes, and common/interoperable technologies, so they can work together in harmony.
In the second blog in this series, we’ll look at how to create a common “network security without borders” technology stack that works for both teams.