IDG polled 200 network and cybersecurity professionals across the U.S. & Canada, and found almost inevitable consequences for organizations where network and cybersecurity teams have conflicting objectives, are managed in a siloed way, and have unequal or incomplete network visibility.
Repercussions from a lack of close collaboration between cybersecurity and network teams
86% of respondents admitted to experiencing at least one of the following due to a lack of close collaboration:
- Increase in security breaches and/or data loss
- Slow response to security events
- Finger pointing/blame game
- Loss of productivity
- Service downtime
- Inability to determine root cause of security events
- Cost increases.
“The findings of this research should mobilize organizations to address some of their most fundamental problems, like team structure, goals, communication, and collaboration,” comments IDG publisher Bob Bragdon. “These teams have to work together much more closely than they ever have before, especially now that cybersecurity has reached a board-level focus.”
Both teams agree they should be collaborating more closely, and understand the payoff to doing so. “The challenge,” explains BlueCat CEO Michael Harris, “is that the network team’s mission is to ensure efficient and accurate traffic flow, while cybersecurity is tasked with inspecting suspicious traffic.” He adds, “these objectives, which sometimes have teams working at cross-purposes, create hurdles to the organization’s overall success. To ensure both the security and functionality of the network, it is imperative network and cybersecurity teams agree upon and manage their responsibilities with common processes, and shared, integrated platforms.”
Teams who already collaborate well report higher preparedness for cybersecurity events, higher levels of trust, and more. Unfortunately, they are a minority. Only 37% of cybersecurity teams report having complete network visibility, making it difficult for teams to get on the same page.
The survey also uncovered an industry-wide tug-of-war over ownership of responsibilities like network policy enforcement, proactive threat prevention and detection, and resolution of security events. Meaning, at many companies, the work environment is ripe for work overlaps and fumbled tasks.
Mathew Chase, a seasoned Information Technology executive who was consulted about the findings of this research, confirms this ‘divided house’ is problematic. “I’ve seen this sort of dysfunction act as a source of increased organizational risk firsthand,” Chase says. “Network and cybersecurity teams must start working more closely together—if not, adversaries will continue to exploit this dysfunction, and businesses will suffer.”