Visibility into network traffic, endpoints, cloud infrastructure, and more is crucial – especially considering the sophistication of cyber threats, the widely distributed workforce, and the escalation of cloud adoption.
Yet, many organizations have developed silos over time. Networking, IT, and security teams have become laser-focused on their own objectives and measurable outcomes. For example, NetOps is typically trying to optimize network performance to facilitate access between data and devices, while SecOps traditionally is looking to limit that access in order to safeguard data, apps, and infrastructure. Each team is measured on their success in achieving these capabilities; NetOps may not be incentivized to think of security in the same way that SecOps is.
Another part of the problem is the volume of different tools in use. When an incident occurs, a lack of integration across solutions can cause delays as teams check-in and get approvals for remediation. According to a recent pollamong 1,650 technology professionals, 65% of organizations require from two to four people to approve or execute actions to remediate a threat. Another 11% say it takes more than five people.
Even though different teams have their own goals and targeted metrics, they are all overwhelmed with a slew of disconnected vendors and products. Everyone wants greater visibility into potential issues so they can speed response. That becomes possible by merging NetOps, ITOps, and SecOps playbooks and processes. A unified platform such as Cisco SecureX helps break down these silos as well as provide automation and orchestration.
Cisco SecureX provides the necessary underlying platform that unites telemetry and response capabilities from multiple layers across the infrastructure. It brings together IT and networking tasks regardless of whether or not they’re security related.
The key differentiator is the built-in yet still open nature of the cloud-native SecureX platform. It is included with every Cisco Secure product and can integrate any open-source or third-party solution.
“SecureX will not only work with your Cisco products, you can also put different kinds of feeds in it,” says Wouter Hindriks, Technical Team Lead, Network and Security, at Missing Piece BV. “If you have a different kind of firewall, if you have a different kind of antivirus, you can get the same intel within the same dashboard. You can have a Cisco product and you can have other products and still use the dashboard to put everything together.”
SecureX not just transforms how technology works together but also reimagines how different teams works together. With that one dashboard, SecureX fosters collaboration while increasing visibility to mitigate risk. It allows customers to overcome internal silos—whether that’s around security or networking. The automated workflows can help reduce repetitive tasks and save critical working hours for every member on your team. By harnessing the power of integration with pre-built workflows and automated approval actions in SecureX between discrete network and security products, one can build a culture of collaboration within the organization. For example, the security functionality around firewalls—which are run by the networking team—can be brought into SecureX. Having this capability speeds detection and response cycles with integrated intelligence and context—an enterprise-wide benefit.
Successful adoption of modern security architectures and programs like Secure Access Service Edge (SASE), Zero Trust Network Access (ZTNA), and Extended Detection and Response (XDR) will be dependent on cross-functional collaboration between security and networking functions. XDR and SASE (and by extension, ZTNA) intersect as SecOps and NetOps/ITOps continuously assess risk and trust based on context from technologies across an organization’s environment. By working together, network and security teams can improve their chances of reducing complexity and delivering better outcomes.
Copyright © 2021 IDG Communications, Inc.