4 Steps for Fostering Collaboration Between IT Network and Security Teams4 Steps for Fostering Collaboration Between IT Network and Security Teams
Successful collaboration requires a four-pronged approach that considers operations and infrastructure, leverages shared data, supports new workflows, and is formalized with documentation.
September 13, 2021
For some organizations, it may seem like IT networking and security professionals have different mandates. The networking team's goal is to ensure employees have fast, reliable access to core resources and applications. Security teams must always be on guard against data theft and damage.
However, the truth is IT executives must bring network and security teams together to tackle the challenge of protecting their business, while providing ready, secure availability to information. Taking a siloed approach risks undermining network performance for the sake of security and vice versa.
It's in the best interest of these two groups to collaborate, if not converge, especially considering challenges introduced and accelerated by COVID. Cyberattacks reached new levels in 2020 as millions of workers lost the protection afforded by traditional in-office security measures. Meanwhile, COVID accelerated cloud migration, further extending the security perimeter, and many organizations embraced new applications and services to digitally transform their processes.
When networking and security teams work together, it's easier to resolve challenges like bad policies or device failures that present complex service performance problems. The collaboration between network and security teams can be more effective when they are using a common and consistent source of network-derived data. Further, increased collaboration enables accelerated security incident detection and response time, as well as improved network performance and risk reduction.
For these reasons, most organizations already have some degree of formal collaboration between their network and security groups, especially at smaller and midsize organizations. But collaboration isn't a given at the enterprise level, where it's natural for silos to form if IT leaders don't take a transformational view of converging priorities.
Doing so requires a four-pronged approach that considers both operations and infrastructure, leverages shared data for networking and security teams to reference, supports new workflows, and is formalized with documented policies, controls, and best practices.
1. Begin at the Design Stage
One of the most critical points of collaboration between network and security groups is the infrastructure design and deployment stage, while incident monitoring and response is secondary. Digital transformation demands collaboration at the design stage. Cloud, software-defined WAN solutions, virtualization, the Internet of Things, and mobility combine to blur the security perimeter. Therefore, communications infrastructure must deliver security natively, starting at the initial design phase and continuing through updates and upgrades as business needs change, such as to provide greater support for remote employees or to overhaul data center connectivity.
2. Find a Single Source of Truth in Your Data
Collaboration requires a single source of truth or shared data that's reliable and accessible to all involved. If one team is working with outdated information, or a different type of data entirely, it won't be on the same page as the other team. Likewise, if one team lacks specific details, such as visibility into a public cloud environment, it won't be an effective partner.
Unfortunately, many enterprise-level organizations struggle with data control conflicts because individual teams can be overly protective of data they extract. As a result, what is shared is sometimes inconsistent, irrelevant, or out of date. At the same time, many network and security tools are already leveraging the same data, such as network packets, flows, and robust sets of metadata.
This network-derived data, or "smart data," must support workflows without requiring management tool architects to cobble together multiple secondary data stores to prop it up. Consequently, network and security teams should find ways to unify their data collection and the tools they use for analysis wherever possible to overcome sharing issues. The bottom line is that it's the same network packets being analyzed, but they are looked at from a different perspective.
3. Select the Right Tools for Collaboration
Given that network performance and security incidents are often intertwined, performance management tools can help analysts understand how such incidents affect performance. Network automation and orchestration tools also benefit from collaboration as they allow enterprises to make quick changes to the network in response to a security event. So when problems occur, there is less finger-pointing between departments. IT executives should therefore prioritize implementation and training across networking and security teams on using these systems — and if they choose to consolidate platforms, they may even realize cost savings from an upgrade and maintenance perspective.
4. Formalize Collaboration
Collaboration isn't sustainable if it's not supported at the leadership level, and it must be institutionalized for long-term success. Though the line between networking and security technologies seems to blur more each year, network and security teams are not always natural partners. They need clear priorities from up top, as well as a road map for success.
IT leaders should start by documenting the processes established for collaboration, creating change controls where necessary, and leveraging industry best practices where relevant. IT leaders should encourage network and security teams to share resources, including tools, data, people, and budget. Leaders should encourage these groups to reveal their value and expertise to each other and not leave them to solve this challenge independently. While network teams are beginning to progress in working alongside their peers in the security group, without the full support of executive leadership, these two groups will drift apart, fighting individual fires and, sometimes, each other.
Formalizing and documenting these processes makes it clear that the business is taking a transformational view toward collaboration. From there, it's easier to evaluate new technologies through a shared lens and respond to incidents with greater speed and clarity.
Networking and security teams are not enemies — nor should they be. Even if their priorities sometimes appear to conflict, the evolving nature of our increasingly distributed, connected world makes it vital that they work together, if not converge. But collaboration isn't easy. Only by dedicating shared resources and demonstrating top-down leadership can such a transformative view be successful at the enterprise level.
About the Author(s)
Tricks to Boost Your Threat Hunting GameNov 06, 2023
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
The Burnout Breach: How employee burnout is emerging as the next frontier in cybersecurity
AI in Cybersecurity: Using artificial intelligence to mitigate emerging security risks
Protecting Critical Infrastructure: The 2021 Energy, Utilities, and Industrials Cyber Threat Landscape Report