Given the increasing strategic focus on the network for delivering connectivity, intrinsic security and app delivery, almost two thirds (59%) of European IT heads believe it is really challenging to gain end-to-end visibility of their network, with almost half saying this lack of visibility is a major concern, according to a new poll by IDC. More than a third (37%) feel the challenges associated with this lack of visibility has resulted in misalignment between security and IT teams – and a quarter (29%) have no plans to implement a consolidated IT and security strategy, according to new global research by VMware in partnership with Forrester.
Only a third (38%) of networking teams are currently involved in the development of security strategies. Yet, 60% of these are involved in the execution of security, perhaps signalling that networking teams are not seen as having an equal role with the other IT or security teams when it comes to cybersecurity.
This is in stark contrast to the fact that network transformation is seen as being essential to delivering the levels of resilience and security required by modern businesses, with 43% of European organisations (IDC) saying this is a key priority for them between 2019 to 2021.
Critically, organisations need shared thinking and responsibilities to establish a cohesive security model if they are to deliver their company’s strategic goals, seen by Forrester as increased security (55%), technological advancement (56%) and the ability to respond faster (56%).
Alongside the inconsistency in how the role of the network in security is perceived, there is a lack of cohesion within the IT and security teams as to who is responsible for network security.
“Businesses that are looking to adapt to fast-changing market conditions rely on the ability to efficiently connect, run and secure modern applications consistently, from the data centre, across any cloud and all the way to the device. And it is the virtual cloud network that is delivering this. The network needs to be recognised as the DNA of any modern security, cloud and app strategy, and it should be seen as a strategic weapon and not merely the plumbing,’ said Jeremy Van Doorn, Senior Director of Systems Engineering, Software Defined Data Center EMEA, VMware.
The research also sheds light on the difference in priorities for both the IT and security teams. Globally, the top priority for IT is efficiency (51%), while security teams are focused on incident resolution (49%). And while new security threats require visibility across the entire IT infrastructure, less than three quarters of security teams are involved in executing the organisation’s security strategy.
A total of 45% of respondents recognise that a consolidated strategy could help reduce data breaches and more quickly identify threats. Yet this relationship isn’t proving an easy one to maintain as 84% of security and IT teams admit they don’t have a positive relationship with one another (at VP level and below). More than half of organisations want to move to a model of shared responsibility in the next three to five years, where IT security architecture (58%), cloud security (43%) and threat hunting response (51%) is shared between IT and security teams; but that calls for much closer collaboration than exists today.
“The exponential rise in connectivity, the adoption of multi-clouds to build, run, manage and secure apps, and the enabling role in delivering this, from the data centre to the public cloud and Edge cloud, is the network,” Van Doorn continued. “Core to all this is the possibility that the network can be used to protect data across the entire organisation, from origin to user. This is only possible if the network is delivered in software and only via a cohesive, collaborative approach within IT. The virtual cloud delivers consistent, pervasive connectivity and security for apps and data wherever they reside.”
Denis Onuoha, Chief Information Security Officer, Arqiva, UK communications infrastructure provider, said: “It is critical that IT and security teams work in harmony to ensure every touchpoint of the IT infrastructure remains secure. The network forms a critical part of the business in delivering the best and most efficient services to customers. We recognise the importance of the network and therefore ensure security is embedded into the fabric of its infrastructure from the beginning and not bolted on as an afterthought. As we navigate a growing number of cloud and Edge environments and the network remains the connector between them all, it has become business critical for us to keep network security a top priority.”
“Security should increasingly be seen as a team sport, but we’re still seeing organisations continuing to take a functionally siloed approach. The key to the success of modern IT and security is working together collectively with shared accountability, shared plans and ensuring that every element of security, including networking, is built into the foundation of your strategy from the very beginning. However, many of the issues that arise from being siloed can be mitigated, at least to some extent, by adopting a software-first approach, as embodied by the principles of a virtual cloud network. This will help organisations to connect and secure applications and data across private, public and Edge/branch clouds, delivering consistent connectivity and security for apps and data wherever they reside, independent of underlying physical infrastructure. Wherever you are on your Digital Transformation journey, this should be your next step,” said Van Doorn.