Emad Fahmy, Systems Engineering Manager, Middle East, at NETSCOUT explains why IT and security teams need to work together.
Enterprise network and security teams face an egregious increase in cyberattacks against their networks. For example, as of December 2021, more than nine million Distributed Denial of Service (DDoS) attacks have been launched.
Indeed, cybercrime has risen to unprecedented levels over the past few months, with bad actors exploiting new vulnerabilities and causing disruption across VPN networks as well as firewalls and cloud-based tools used by employees working from their homes. By preventing legitimate users from accessing networks, attackers can freeze operations and cause financial losses and damage to a company’s reputation.
Unfortunately, the problems created by cyberattacks are further exacerbated when IT and cybersecurity teams don’t effectively collaborate. Failure to cooperate often has its genesis in how each team defines its role. While IT teams are tasked with ensuring an efficient experience for employees and customers, security teams are focused on protecting assets and addressing security issues.
One recent survey from Enterprise Strategy Group (ESG) shows that 44% of cybersecurity and IT professionals say the relationship between IT and security doesn’t work well for several reasons. Many cite that such issues stem from reporting structures that create conflicting agendas and impede cross-collaboration. Likewise, budgetary conflicts, problems with compliance, and a lack of skilled workers on both teams make effective collaboration a challenge.
In fact, cybersecurity professionals say the most stressful aspects of their jobs often stem from these very issues. Almost a third say their most significant stress stems from IT initiatives or projects that were started by other teams with no security oversight, and 31 percent point to working with disinterested business managers.
The question, then, is how both teams overcome these challenges to meet employee and customer expectations while also protecting resources from cyber attackers. When surveyed about how that might happen, 58% of IT and security teams say ensuring security personnel is included on IT projects from the start, while 38% said embedding security personnel into functional technology groups is critical. Likewise, 35% say automating processes that promote collaboration between IT and security is needed.
Why cross-silo collaboration is essential
Cross-silo collaboration is vital for enterprises that want to improve network performance, reduce security risk, and accelerate security incident detection and response. Effective collaboration gives both teams the ability to quickly and effectively determine whether an IT service event is a performance issue or a security incident, which is sorely needed in today’s enterprises’ complex digital infrastructure.
The Information Systems Security Association (ISSA) conducted a survey in 2021 to determine how frustrations between IT and security teams might best be addressed. Respondents provided several suggestions that could improve the relationship between security and IT, including involving security
personnel on IT projects from the start (58%), embedding security personnel into functional technology groups (38%), automating processes that promote collaboration between IT and security (35%).
Cross-silo collaboration is considered imperative for effectively identifying and troubleshooting service performance issues.
Media contact
Rebecca Morpeth Spayne,
Editor, Security Portfolio
Tel: +44 (0) 1622 823 922
Email: editor@securitybuyer.com
