Rifts between security & IT teams being caused by lack of network visibility?

Rifts between security & IT teams being caused by lack of network visibility?

The deficiencies in business network visibility is causing a series of internal problems between IT, network & security functions, with 84% of security & IT teams actually admitting a negative relationship according to a new survey by Forrester.

Business security

Business security, IT & network teams are still working in individual silos, often without  overarching strategy & having misaligned priorities & discord as a result, according to new analyst research. These disconnects might go some way to explain why a large 84% of Security & IT teams admit they do not have a positive relationship with one another, claims Forrester analysts.

European IT heads

Almost two thirds (59%) of European IT heads believe that it is particularly challenging to obtain end-to-end visibility of networks, with nearly half saying this lack of visibility is a serious issue. Over a third (37%) think the challenges associated with this lack of visibility has resulted in misalignment between security & IT teams.

Problem

That problem is noticeably clear from business prioritisation, with ITs top priority being efficiency (51% surveyed), while security teams are tasked with incident resolution (49%). Although new security threats need visibility across the whole IT infrastructure, under three quarters of security teams are involved to implement the organisation’s security strategy, & only about a third (38%) of networking teams are, it appears, currently involved in the original development of security strategies.

60% of networking teams are involved in the execution of security, leaving a large disconnect in the figures.

Bolt-on security

Jeremy Van Doorn, the Senior Director of Systems Engineering, Software-Defined Data Centre EMEA, VMware suggested that: “We need to move away from bolt-on security as an afterthought, it needs to be integrated from the outset. However, collaboration is the solution here – not only internally between business functions, but also externally when sharing information about successful – or unsuccessful attacks. The hackers are excellent at sharing information about zero-days & vulnerabilities – the defenders need to catch up & learn to collaborate better.”

Disconnect

A disconnect exists despite a significant percentage (45%) of those reporting now accepting that a unified approach could help diminish data breaches & more quickly identify threats.

Over half of organisations want to collaborate better & then move over to a model of shared responsibility in the next 3-5 years, where IT Security Architecture (58%), Cloud Security (43%) & Threat Hunting Response (51%) are shared between IT & security teams, maintains the research by VMware in co-ordination with Forrester.

However, this conflicts as more than a quarter (29%) have no plans to put into place a co-ordinated IT and security strategy, despite the benefits on offer.

Vocal

Jeremy explained further: “We need to become more vocal as an industry to gain & to keep the attention of the CEO. Although CEO’s are in general much more interested in business security functions – regulation such as GDPR has helped a lot here – there is still a long way to go in terms of board-level buy-in & awareness.”

This survey has also discovered that current strategic goals for businesses are increased security (55%), technological advancement (56%) & ‘the means to respond faster’ (56%).

 

SHARE ARTICLE