Enterprise Management Associates: Most organizations acknowledge failure to create fully successful teams to deliver reliable and secure cloud, data-center, and IoT initiatives. Credit: GaudiLab / Shutterstock (Enterprise Management Associates finds that enterprises are trying to improve collaboration between their network-infrastructure and operations teams and their information-security and cybersecurity teams. This article discusses challenges faced by these teams based on a survey of 366 IT and security professionals detailed in the report “NetSecOps: Aligning Networking and Security Teams to Ensure Digital Transformation”, by EMA Vice President of Research Networking Shamus McGillicuddy.) As the network engineers and architects who design, build, and manage enterprise networks collaborate more and more with their counterparts in information security and cybersecurity, they face challenges that can hamper their efforts. Over the past few years, more than 75% of IT organizations have observed an increase in these teams working together to ensure the reliability and security of new digital initiatives, tops among them being cloud adoption, work-from-anywhere, data-center modernization, and the internet of things (IoT). Unfortunately, only 39% of organizations believe they’ve been fully successful with this collaboration. Why aren’t more doing better? The need for quality data Data is the biggest issue. More than 27% of IT organizations report that data quality and authority problems are a top barrier to NetSecOps partnerships. The two teams are struggling to identify a single source of truth about what’s happening on the network. Each team has its own repository of data, and the differences between those repositories are causing problems. Simply put, they need a common view of the network to work in order to succeed. Lack of common skills Cross-team skills gaps (25%) are the number-two problem. Network and security pros don’t understand the domains of their counterparts in the other silo. In addition to the data, recent conversations with networking professionals have confirmed that skills gaps are causing trouble. “Security people in general are not super well-versed in networking,” a network engineer with a large financial company said. “There would be a clash because of knowledge gaps, one team trying to butt heads with the other team because they didn’t know what the other team was doing.” “We talk to security every two or three months, and they want to ask a lot of theoretical questions that aren’t particularly relevant to what was being discussed,” a network architect with a $15 billion retail company said. “We often get the sense that security doesn’t understand what the business is.” Lack of money for resources Budget issues are a major barrier for 21% of organizations. They simply lack the funds to acquire the infrastructure, tools, and training needed to bring these groups together. However, are willing to pool budgets as they try to build partnerships. CIOs and CISOs are encouraging this budget sharing. Complexity is an enemy Architectural complexity is a significant challenge for 20% of organizations. In fact, architectural complexity was more likely to be an issue with organizations that are the least successful with NetSecOps collaboration. The two teams are trying to partner up to enable transformative technologies like the cloud and IoT. At the same time, these new technologies can increase complexity. For instance, IoT will require new network and security infrastructure, new access controls, and new segmentation schemes. Network and security teams should work together to make sure they reduce complexity, rather than add to it, as they support these new initiatives. How can network and security teams overcome these challenges? Common data repositories The first priority is to establish a shared data repository that both teams can rely on for a common view of the network. In many companies, security teams are constantly requesting data from the network team when conducting investigations. If that’s the case, the network team should identify the data that security teams frequently request and establish repositories that are accessible to them. This might require modernization of some of the data stores that network teams maintain. For instance, they should replace legacy IP-address spreadsheets with enterprise-grade IP Address Management (IPAM) tools that the security team can log into when they want to examine the network IP address space. Also, network teams and security teams should centralize packet-capture infrastructure as much as possible so that both teams have a common record of raw traffic data. C-level push for better training The skills gap will be tough to overcome. One team can’t tell the other team what training to acquire. But CIOs and CISOs can. Leadership should recognize how skills gaps are undermine NetSecOps partnerships and lead from the top to close those gaps. Also, network infrastructure professionals are usually quite knowledgeable about network security concepts. They can bring that to bear as much as possible to find common ground with the security team. Simplify the architecture Network teams should work to simplify architecture. If complexity is getting in the way, the network team should kill complexity and modernize legacy architecture as much as possible. One option is to adopt automation solutions that abstract complexity. And as they move into new environments like the cloud and work-from-anywhere, they should design for simplicity as much as possible. They must build solutions that people with a variety of networking and security skills can work with and contribute value to. Now see Gartner: IT skills shortage hobbles cloud, edge, automation growth. Related content how-to Compressing files using the zip command on Linux The zip command lets you compress files to preserve them or back them up, and you can require a password to extract the contents of a zip file. By Sandra Henry-Stocker May 13, 2024 4 mins Linux news High-bandwidth memory nearly sold out until 2026 While it might be tempting to blame Nvidia for the shortage of HBM, it’s not alone in driving high-performance computing and demand for the memory HPC requires. By Andy Patrizio May 13, 2024 3 mins CPUs and Processors High-Performance Computing Data Center opinion NSA, FBI warn of email spoofing threat Email spoofing is acknowledged by experts as a very credible threat. By Sandra Henry-Stocker May 13, 2024 3 mins Linux how-to Download our SASE and SSE enterprise buyer’s guide From the editors of Network World, this enterprise buyer’s guide helps network and security IT staff understand what Secure Access Service Edge (SASE) and Secure Service Edge) SSE can do for their organizations and how to choose the right solut By Neal Weinberg May 13, 2024 1 min SASE Remote Access Security Network Security PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe