84% of security and IT teams ‘don’t have a positive relationship’https://securityitsummit.co.uk/wp-content/uploads/2018/11/People-Processes.jpg 960 640 Stuart O'Brien Stuart O'Brien https://secure.gravatar.com/avatar/81af0597d5c9bfe2231f1397b411745a?s=96&d=mm&r=g
Almost two thirds (59%) of European IT heads believe it is challenging to gain end-to-end visibility of their network, with almost half saying this lack of visibility is a major concern.
That’s according to a new poll by IDC/Forrester/VMware, which says more than a third (37%) feel the challenges associated with this lack of visibility has resulted in misalignment between security and IT teams – and a quarter (29%) have no plans to implement a consolidated IT and security strategy.
Only a third (38%) of networking teams are currently involved in the development of security strategies. Yet, 60% of these are involved in the execution of security, perhaps signalling that networking teams are not seen as having an equal role with the other IT or security teams when it comes to cybersecurity.
This is in stark contrast to the fact that network transformation is seen as being essential to delivering the levels of resilience and security required by modern businesses, with 43% of European organisations saying this is a key priority for them between 2019 to 2021.
Critically, organisations need shared thinking and responsibilities to establish a cohesive security model if they are to deliver their company’s strategic goals, seen by Forrester as increased security (55%), technological advancement (56%) and the ability to respond faster (56%).
Alongside the inconsistency in how the role of the network in security is perceived, there is a lack of cohesion within the IT and security teams as to who is responsible for network security.
“Businesses who are looking to adapt to fast-changing market conditions rely on the ability to efficiently connect, run and secure modern applications consistently, from the data center, across any cloud and all the way to the device. And it is the virtual cloud network that is delivering this. The network needs to be recognised as the DNA of any modern security, cloud and app strategy, and it should be seen as a strategic weapon and not merely the plumbing,” said Jeremy Van Doorn, Sr Director of Systems Engineering, Software Defined Data Center EMEA, VMware
The research also sheds light on the difference in priorities for both the IT and security teams. Globally, the top priority for IT is efficiency (51%), whilst security teams are focused on incident resolution (49%). And while new security threats require visibility across the entire IT infrastructure, less than three quarters of securityteams are involved in executing the organisation’s security strategy.
Forty five percent of respondents recognise that a consolidated strategy could help reduce data breaches and more quickly identify threats. Yet this relationship isn’t proving an easy one to maintain as 84% of security and IT teams admit they don’t have a positive relationship with one another (at VP level and below). More than half of organisations want to move to a model of shared responsibility in the next 3-5 years, where IT securityarchitecture (58%), cloud security (43%) and threat hunting response (51%) is shared between IT and securityteams; but that calls for much closer collaboration than exists today.
Denis Onuoha, Chief Information Security Officer at Arqiva, said: “It is critical that IT and security teams work in harmony to ensure every touch point of the IT infrastructure remains secure. The network forms a critical part of the business in delivering the best and most efficient services to customers. We recognise the importance of the network and therefore ensure security is embedded into the fabric of its infrastructure from the beginning and not bolted on as an afterthought. As we navigate a growing number of cloud and Edge environments and the network remains the connector between them all, it has become business critical for us to keep network security a top priority.”