When it comes to your network, which is more important: security or performance? Trick question. The answer is that neither is more important. Security and performance are both absolutely essential to supporting the business requirements while delivering the expected user experience.
But for far too long, network and security teams have answered by putting their own needs first. Network and security leaders may sit down at the same table from time to time, but without a structured plan for collaboration, they go back to focusing on their individual objectives as soon as they walk out of that room. Because that's the way it's always been done.
Most organizations have experienced some version of this classic problem. The network team is tasked with delivering a new architecture on an accelerated timeline. Out of necessity, they move forward at full speed while making assumptions about security and controls to keep the project on schedule. Late in the process, someone discovers that at least one crucial assumption was wrong. Everything comes to a halt. The project gets delayed, and the network team gets blamed.
The greater the urgency, the more important it is for teams to work together from the very beginning. When network and security work together in parallel, they get more accomplished in less time than individual units working in a sequential order. Downstream implications can be avoided if the two sides are positioned to share accountability from the start. And there are three main things that business leaders can do to facilitate more seamless and efficient collaboration between these teams.
Unify the Vision
In many cases, network and security teams lack a common goal. The first step is for executive leadership to align their individual business unit priorities with a vision that compels them to work toward mutually beneficial ends.
Many companies today are bringing in their chief information officer (CIO) to oversee both teams. The CIO can begin by defining a vision for success that's meaningful to both teams and that also tracks with the organization's higher business objectives. This unified vision will become the foundation upon which all future security and network collaboration will be built.
Locate the Pain Points
Change can be uncomfortable—you want things to bend, not break. The next essential step to facilitating better collaboration between network and security teams is to look for pain points that may arise as a result of modifying how these two units have operated in the past. It can be easy to focus too much on security issues while ignoring the pains that impact people and processes—and these are major parts of any change. You need to identify and understand where there might be operational gaps or challenges on both sides.
Start Asking Questions
Now, you're ready to start asking some targeted questions—ones designed to motivate a collaborative response. The CIO should query the security leader about something that involves networking responsibilities (and vice versa). When the security leader says, “I don’t know—that’s the network team’s job,” the need for cross-team communication becomes much clearer.
Visibility is a great place to start. Without visibility into network traffic, you can’t really understand what kinds of security controls need to be applied. Security needs tools from the network side to provide that information. The CIO can ask their CISO something like, "What level of visibility do we currently have into our network traffic, and how is this being used by the security team?" The CISO probably isn't going to have all the answers; someone on the network side will need to help them fill in the gaps.
Some other example questions to help coach security and network leaders into a closer, more collaborative relationship might include:
-
- “How do network policies support our overall security policies?”
- “In what ways do network architectures and configurations impact security risk assessments?”
- “Are there parts of our incident response plan where the network team involvement is critical?”
- “How does your team balance network performance and security requirements?”
Finding the Balance Point
That last question about balance is important. Security has traditionally been framed as a tradeoff: you have to give up some performance in order to gain some protection. Every time the security team introduces a new solution, it adds a bump on the wire that slows things down. But security shouldn’t be framed as an oppositional exchange, taking from one side and giving to the other.
Finding the balance point of performance and security that best serves the organization can only be done when both teams work together.
Gerry Plaza is the Field CTO/Chief Strategy Office at Netskope.