As part of Solutions Review’s Premium Content Series—a collection of contributed columns written by industry experts in maturing software categories— Patrick Ostiguy of Accedian lays out the path toward the convergence of cybersecurity and networking in organizations.
Organizations today struggle with a lack of control over the end-user experience and security, as well as a dearth of visibility when it comes to their corporate networks. When employees started working remotely, companies became more dispersed, and for many of them, this shift has become permanent. Forrester Research estimates that just 30 percent of businesses will accept a total return to the traditional office setting following the pandemic.
In parallel, the sophistication of hacker attacks against this extended network surface has increased. The means of visibility continues to be much the same, even as these trends are occurring. Not just from a technological standpoint but also from an organizational and cultural one, there is an urgent need to change how things are done. The conventional barriers between networking and security functions must be removed for this change to be successful.
How the Networking and Security Landscape has Changed
The issue isn’t that visibility is worse than it used to be; rather, it has remained constant while everything else has changed, including the adoption of work-from-home (WFH) and the shift to the cloud. Because there is no longer a perimeter, perimeter defense strategies are ineffective. Organizations still need endpoint and perimeter security, but they are insufficient, given the expanding attack surface. Other technologies must be used in conjunction with them. Rather than only trying to block attackers at the entry point, new technologies must be used to cover distributed environments, follow and record intruders if and after they penetrate, and also account for insider threats.
Cyber-attacks are more frequent and sophisticated these days. Hackers are taking advantage of technological flaws, and once they are inside a network, it may take months to detect them. The cost of a breach increases with the amount of time between the breach and detection. And these expenses keep rising. The average cost of a breach reached a new high of $4.35 million in 2022, up 13 percent from 2020, according to IBM’s Cost of a Data Breach Report.
Uniting Networking and Security for Better Visibility
Organizations can only detect and thwart today’s attacks with insight into the network itself, yet most security teams lack visibility into and easy access to the network. Your security operations team needs a secure network to fend off attacks, while the network operations team wants dependable, trouble-free network performance. End-users are just looking for a no-hassle experience.
How will you meet these many needs? Cyber-attackers must traverse the network somehow, that is one place they cannot work around and probably the best place to catch them; if network operations and security teams work in silos and use different tools, chances are they might not detect them. It is a lengthy process, but the two teams must converge. In the past, security and networking were two distinct, compartmentalized fields. It won’t be possible to change this scenario overnight. Though it’s not always the case that they dislike working together, both teams are typically adamant about doing things their own way. These are occasionally teams from other organizations that have been integrated through acquisition.
Such compartmentalization persists for a few reasons:
- Job security fears: Will network specialists lose their jobs if security experts are now in charge of the network
- Territorial feelings: Occasionally, network specialists believe they lack sufficient cybersecurity knowledge and/or do not want cyber specialists to interfere with their networks.
- Budget siloes: These teams are still frequently managed via different budgets and decision-makers.
- Inertia: Despite the best of intentions, corporate environments frequently experience slow change because of competing priorities and the numerous layers of bureaucracy.
The Need to Change Culture and Habits
Culture must change for networking and security to function together. Some cultural barriers to this convergence are fading away, but progress must still be made, particularly in large companies and the public sector.
In essence, the territorial impulse kicks in, as noted above. In contrast to the security personnel, who are a quick-moving species, the networking crew is typically used to managing infrastructures– and at a more conservative pace, preserving the reliability of the network. Their priorities and skill sets differ. There’s also a reluctance to fix things that teams don’t perceive as broken– even though, from the big-picture perspective, they are. More specifically, they are not broken, they are open to intrusion.
Defeating the challenges surrounding convergence will take a lot of education to help service providers, network owners, MSSPs, and others grasp how converged NetOps/SecOps services can be provided via the network.
Organizations need to dispel persistent beliefs about job insecurity and get rid of the notion that bringing security within the realm of networking will somehow reduce networking’s budget or vice-versa. Leaders must encourage intrapreneurship and the notion of working together for the common good. Industry leaders will need to use their influence and skills to advance this message about the need for convergence.
No Time to Waste
Security and networking have been compartmentalized for far too long, and despite convergence being a popular concept for the last several years, it hasn’t seen much real-world action. For a variety of reasons, companies are still having trouble bringing this convergence to life.
However, as time passes, the situation worsens, and breaches continue to occur. 83 percent of firms stated in the IBM research that they have had at least one breach. Because of this, collaborating is no longer just a desirable outcome or future state. To give enterprises a stronger defense against cyber-criminals, networking and security must converge.