There are benefits for your entire enterprise when your NetOps and SecOps teams work together seamlessly.
When COVID-19 threw the world into chaos last year, there was a mad scramble to enable secure remote working while maintaining operations and protecting the performance and integrity of business networks.
Now that the initial sense of urgency has subsided and we’ve settled into a new way of working, there’s something else settling in: complacency. And when it comes to security operations (SecOps) and networking operations (NetOps), complacency can be dangerous.
Businesses can protect their data and networks from cybercriminals if they stick to best practices. The problem, however, is that NetOps and SecOps don’t always get along. There’s a disconnect between the two departments and an assumption that, if it’s not my responsibility, someone else will take care of it.
Connecting the dots
Industry has long debated the value of integrating security and network operations, but there’s an entrenched antagonistic dynamic between the two. NetOps wants speed, openness, and performance, which is often at odds with the closed environments and segmented connectivity punted by SecOps.
The two see each other as impediments to doing their jobs, with clear boundaries that must not be overstepped. The irony is that, in not collaborating, the efficiency and effectiveness of both functions are radically diluted.
Here’s an example… A phishing email slips through the network. NetOps missed it because it doesn’t ingest firewall information – that’s SecOps’ job. SecOps missed it because it doesn’t ingest endpoint data showing that the user visited a dodgy site. That’s NetOps’ job. Had they been sharing information and resources, there’s a good chance the phishing attempt would have been detected, and finger-pointing avoided.
Hindsight is 20/20
As businesses continue to deploy hybrid cloud infrastructures and shift towards software-defined data centres, security becomes essential to the network team. Similarly, expanding network and cloud architectures create new complexities and challenges for the security team.
Bottom line: NetOps and SecOps need each other. Now, more than ever.
Rather than settling into the same pattern as everyone else, businesses should leverage their competitors’ complacency and use it as an opportunity to start fresh and do things differently. Everyone is riding the wave of change right now, and what worked in the past will not work today. It’s time for new ways of thinking, doing, and solving business challenges.
It’s time for NetSecOps
“NetOps and SecOps are both vital in ensuring effective operations and business agility. Both exist to connect, support, and protect users, systems, apps, and data. They have shared guardianship over positive user experiences that are orchestrated in secure, highly available environments. And because network and security incidents are often intertwined, these roles consistently overlap,” says Hilton Ashford, BUI security manager.
They’re similar in other areas, too. For example, the convergence in tools, data, skills, and budget offers an opportunity to improve the effectiveness of both functions and integrate them in a way that fosters collaboration and communication over complacency and competition. And, since they share the challenges of constantly changing environments, skills shortages, and shrinking budgets, NetOps and SecOps can benefit from joint discussions about policies, tools, and procedures.
The business benefits of NetSecOps are compelling:
- Reduced operational costs. Shared technology purchases can enrich both functions, save money, and maximise the value gained from each implementation.
- Skills transfer. In sharing expertise, knowledge, and resources, there’s a better chance that NetOps will pick up what SecOps misses and vice versa.
- Deep visibility. You can’t manage what you can’t measure. With a single datastore from which to query security and networking incidents, it’s possible to improve collaboration, enhance insights, and overcome silos, cultural hurdles, and multiple levels of management.
Tips for a successful NetSecOps integration:
- Align goals. Appreciate each other’s concerns, find common ground, and prioritise issues.
- Align tech. Find shared use cases and objectives when investing in new tools and technology.
- Align on rules. Agree on pre-established rules and processes that benefit both functions. Then, formalise them through documented policies, controls, and best practices.
- One database. A single source from which to collect, correlate, visualise, and report on data allows both parties to query and quickly identify the root causes of network and security incidents. This improves time to response, and shortens mean time to insight, for faster resolution and damage avoidance.
In seamlessly working together, SecOps and NetOps can create a larger safety net for the entire organisation.
“Security has always been a core focus area for us,” explains BUI Chief Technology Officer Willem Malan. “Since the outbreak of COVID-19, there has been an alarming spike in the number of cyberattacks. In fact, the WHO reported a fivefold increase in attacks in the first year of the pandemic. There’s no shortage of security solutions on the market, but you need to know which solution is right for your business. A Microsoft Azure Expert Managed Services Provider can support your NetSecOps integration and management.”
If it’s time for change and you’re ready to explore cloud-powered resources for your business, chat to us. Our networking and security experts can help you set up the essential tools to protect and defend your corporate networks today.
This article was originally published on ITWeb.