Two IT initiatives that tend to drive greater collaboration among network and security professionals are SASE and multicloud, according to survey data from Enterprise Management Associates. Credit: dotshock / Shutterstock Network teams and cybersecurity teams are collaborating more and more, we’ve found in our research at Enterprise Management Associates (EMA). We explored this issue most recently in our report, “NetSecOps: Examining How Network and Security Teams Collaborate for a Better Digital Future.” Among 304 IT professionals surveyed, 84% of organizations have seen the amount of collaboration between these groups increase in recent years. As one network engineering manager at a midmarket business services company described it: “We’ve always had a push for network and security to work together. We have regular meetings with them to go through any changes. We look at any tools they are considering and any testing they are doing.” This collaboration is especially active in enterprises that are engaged with secure access service edge (SASE) technology and multicloud architecture, EMA has determined. SASE converges network and security solutions into an integrated architecture, so it makes sense that these groups would come together to implement and operationalize it. Multicloud adds significant complexity to networking and security at a time when both these groups are fighting to regain influence and control over cloud strategy. EMA believes that strong collaboration between the two groups can help both gain more credibility in the cloud. Bridging NetSecOps with tooling It’s not always easy for network and security teams to work together. They have different missions, different skillsets, and different tools. On the networking side of things, a network operations tool that provides security insights can be helpful for bridging that divide. EMA asked research participants if they had a network performance management (NPM) tool that offered security insights. More than 86% said yes. Among those organizations who get such insights from their tools, 91% said these security insights are at least somewhat valuable. Also, in 58% of organizations, both network and security personnel engage with those security insights, which indicates that these tools are providing value across silos. This is notable because it demonstrates that skills gaps are not preventing the security team from getting valuable information from NPM tools. It also suggests that network teams are building bridges with security teams by offering them useful information. NPM tools offer security insights EMA asked research participants to identify the most valuable security insights available in their NPM tools today. More than half (52%) told us that network detection and response (NDR) or network traffic analysis (NTA) insights were delivering significant value. NDR and NTA technology monitors network traffic (packet data or network flow records) for anomalous or suspicious behavior. These technologies leverage machine learning and behavioral analytics rather than threat data and malware signatures, allowing for the detection of previously unidentified threats and attack methods. The prevalence of NDR and NTA insights in NPM tools is not surprising, given that most NPM vendors have introduced modules or products over the last five years that focus on these capabilities. These capabilities can serve as a frontline cybersecurity monitoring solution, or network teams can offer it to the security team as a supplemental view into traffic. More than 43% or research participants told EMA that it’s useful to get health and performance reporting on network security infrastructure from their NPM tools. Network and security personnel can infer several things from this type of reporting. For instance, visibility into anomalous spikes in traffic hitting a network security appliance could indicate an attack. More importantly, overall insight into network security device state can ensure that security controls are performing as expected and not impacting applications and user experience. “We have some traffic monitoring tools that the security team is sometimes interested in using to troubleshoot the performance of their hardware,” a network engineering director at a Fortune 500 healthcare company told EMA. “For instance, is the firewall introducing issues?” Additionally, 40% of IT professionals believe that it’s valuable for an NPM tool to be able to correlate abnormal network health and performance telemetry with indicators of compromise or suspicious behavior. This insight can help security teams with their investigations of suspect activity by adding context. Finally, 32% of organizations see value from an NPM tool’s ability to conduct inventory assessments. Such tools will compare network device inventory data with product security vulnerability reports from their networking vendors, such as product security response team (PSIRT) alerts. This feature allows network teams to identify potential product vulnerabilities on their network and install patches and software updates to close them. This feature improves the network team’s ability to comply with an organization’s cybersecurity policies and standards. Organizations that have the most success with network and security team collaboration were more likely to identify inventory assessments as a valuable security feature in an NPM tool. EMA’s advice If your network team is trying to improve how it works with the security team, a strong NPM tool might be a good foundation for getting started. EMA recommends that you explore the security insights that your network monitoring vendors offer. Even good visibility into the health and performance of firewalls can help bridge the collaboration gap. If you’d like to learn more about EMA’s research on this topic, check out EMA’s free, on-demand webinar that highlights our NetSecOps report findings. Related content news Alkira expands NaaS platform with ZTNA capabilities Network-as-a-service vendor Alkira looks to extend security down to user policies and posture for a full zero-trust approach. By Sean Michael Kerner Oct 23, 2024 6 mins SaaS Network Security Networking news IBM launches platform to protect data from AI and quantum risks The SaaS-based Guardium Data Security Center provides unified controls for protecting data across distributed environments, including hybrid cloud, AI deployments and quantum computing systems. By Michael Cooney Oct 22, 2024 4 mins Generative AI Hybrid Cloud High-Performance Computing analysis Gartner: Top 10 strategic technology trends for 2025 Agentic AI, post-quantum cryptography, AI governance, and hybrid computing are among the most pressing and potentially disruptive trends that enterprises are facing, Gartner reports. By Michael Cooney Oct 21, 2024 8 mins Generative AI Edge Computing Network Security analysis Has the time come for integrated network and security platforms? Platformization buy-in has been elusive in the past, but AI could be the impetus for enterprises to give new consideration to the idea of a consolidated network and security platform. By Michael Cooney Oct 21, 2024 5 mins SASE Generative AI Network Security PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe