
The curious thing about businesses is that they run well when everyone is rowing in the same direction. This makes the “Networking-Cybersecurity Paradox,” as I like to call it, even more intriguing. If the teams work too closely, there can be significant overlap, which can lead to conflict. If the teams are too siloed, they may just throw requirements over the fence without collaborating to achieve the business goals of the organization.
Generally, the goal of a business is to provide a service or product to its customers in exchange for payment. The company is profitable, and customers can leverage their purchase to run their business and become profitable as well. Ideally, it’s a win-win scenario.
With few exceptions, every business has an online presence or network of some kind that it relies on to run its operations. For example, a bank relies on the internet, the SWIFT infrastructure, and internal network processing. An energy or manufacturing company relies on its IT network and OT network. A hospital relies on electronic health records being available at all times.
The common theme of all these businesses and more is that everyone relies heavily on the availability of network infrastructure to achieve their goals. Therefore, they have multiple teams responsible for this. The IT infrastructure team must ensure the workstations and servers are operational, the networking team needs to ensure data gets from point A to point B without disruption, and the cybersecurity team needs to ensure the risk of a compromise to data and availability is at an acceptable level.
Herein lies the conflict.
The cybersecurity team provides requirements and recommendations that may not align with the priorities and resource constraints of the IT and networking teams. Of course, in an ideal scenario, cybersecurity is a top priority for the organization, but when organizations must choose between doing something that will deliver financial gain and addressing a perceived risk that could lead to financial loss *if* something happens, many opt for the former.
One common example of a conflict we often encounter is mitigating vulnerability risk. The cybersecurity team runs vulnerability scans and shares reports with various stakeholders to guide remediation efforts and reduce risk. As an industry, we have largely nailed down this process for workstations and servers. Assuming there are no conflicts with in-house built applications, the process remains relatively straightforward.
The networking side, however, has been overlooked for far too long. It has become acceptable to have open vulnerabilities on network gear because the outages and downtime that remediation requires far exceed what organizations are willing to tolerate. Some organizations go as far as having three-year patch cycles for their routers and switches, while some OT devices never get touched at all.
What if there were a way to simplify this process? What if you could upgrade hundreds or even thousands of devices in one night, rather than two or ten? What if you could implement workarounds across your entire infrastructure with the click of a button?
In conversations with many network and security professionals, a very common reaction is, “YES! SERIOUSLY?! THERE IS A WAY TO DO THAT?! SHOW ME!”
The good news is that, although the network and security teams have slightly different near-term goals, they share the same outcome: ensuring the availability of networks while protecting against threat actors, thereby enabling the business to run as smoothly as possible. Additionally, in the event of an outage, they can quickly and efficiently restore network availability.
From a technical standpoint, a successful partnership relies on a unified source of truth. This central repository contains network data, device configurations, and security policies, ensuring both teams have consistent and accurate information. By supplying security teams with real-time telemetry, such as flow logs and alerts for configuration changes, network teams help them detect threats more accurately, respond more swiftly, and be more proactive by reducing the time it takes to remediate high-priority vulnerabilities.
By breaking down silos and fostering collaboration, organizations can transform network and security functions into a unified force that reduces risk and drives success.
















