The growing reliance on hybrid IT infrastructures that support cloud-based applications and a largely remote workforce is creating network security and performance challenges for many enterprises. According to research from a recent white paper by The Enterprise Strategy Group (ESG), 85 percent of organizations believe network security is more difficult today than it was two years ago.
According to research from a recent white paper by The Enterprise Strategy Group (ESG), 85 percent of organizations believe network security is more difficult today than it was two years ago. - Read more at @NETSCOUT
Entitled “Network Security Without Borders: A Common Technology Stack for Network Security and Operations,” the study cites several factors that contribute to the growing challenge of network security:
Increasingly sophisticated cyberthreat tools. Monitoring cyberthreats; correlating cyber threat intelligence with internal security telemetry; and keeping up with the tactics, techniques, and procedures used by adversaries is no easy proposition. The reality is, bad actors have an ever-growing array of innovative and complex tools at their disposal, including artificial intelligence. Meanwhile, targeted companies are often unfamiliar with the looming threats and have insufficient protections in place to mitigate the risk.
Expanding attack surface. With an increasing number of components such as work-from-home users, mobile devices, sanctioned/unsanctioned cloud applications, and Internet of Things (IoT) devices, enterprised must defend a continually growing attack surface. This puts the onus on security teams to know what’s connected to the network, scan for vulnerable assets, monitor network traffic, and fine-tune security controls.
Increasingly complex network security technology. The ESG paper noted that one-third of security professionals believe that network security has become more difficult because of an increase in the number of disparate network security tools required to address different threat vectors and use cases. With a growing attack surface, deploying, configuring, and operating an assortment of network security point tools will only become more cumbersome.
Cybersecurity skills shortages. According to the ESG study, 23 percent of IT security departments are understaffed. These departments tend to be overwhelmed by the scope and complexity of cybersecurity.
We Have Met the Enemy, and It is Us
These four challenges add to an already difficult job, as differing goals and objectives often hinder the ability of network security and IT operations teams to collaborate and communicate closely. Network teams typically focus on availability and mean-time-between-failure, while security targets visibility and mean-time-to-detect, mean-time-to-respond, and mean-time-to-acknowledge. Metrics. This tends to create greater friction and finger-pointing instead of collaboration and cooperation. Unless the right controls are put in place, both groups may end up working at cross-purposes. And because security and network operations teams tend to rely on manual processes, handoffs and process management may be cumbersome and ineffective.
Moreover, IT and security teams frequently work with different tools and rely on separate data as their sources of truth. As a result, IT and security teams end up with differing views of network reality, which leaves each group missing critical insights needed to keep the network secure and running at peak performance.
To ensure the success of both security and operations, enterprises need to address the friction between the two groups. This means ensuring they have consistent goals, unified processes, and common/interoperable technologies, so they can work together in harmony. In the second blog of this series, we’ll dive into how to build a common “network security without borders” technology stack that works for both teams.
Download the white paper: Network Security Without Borders: A Common Technology Stack for Network Security and Operations.
- Threat Intelligence