CISOs report increases in alert fatigue and the number of records breached, as well as the struggle to secure mobile devices in a new Cisco study.
Excerpt from: Security, Networking Collaboration Cuts Breach Cost.
“We’re starting to see this move toward fewer consoles and move toward greater collaboration with other teams,” says Wolf Goerlich, advisory CISO with Duo Security (now under Cisco). “CISOs who act on those two trends have better outcomes for the organization.”
More than 91% of respondents say they are “very” or “extremely” collaborative; collaboration between endpoint and security teams is also high, at 87%. This trend can have financial benefits in the aftermath of a breach. In 2020, 59% of companies that say they are very/extremely collaborative between networking and security teams experienced a financial impact under $100,000 for their biggest breach, the lowest category offered for breach cost.
“A lot of it has to do with dwell time: How do we detect what’s going on in our environment; how do we remediate what’s going on in our environment,” Goerlich explains. “To detect, you have to have a really solid understanding of what’s going on in our networks and the cloud infrastructure we’re plugged into.”
And who better to detect than the subject matter experts? The networking team has a better understanding of the environment; as a result, team members know what’s typical and what isn’t. “There’s a reduction in time to detect because they understand what normal looks like, so they can help us understand what abnormal behaviors are,” he continues.
The networking team can also help stop threats. When a security operations center analyst spots an event, often because good practices they won’t pull out the equipment. They’ll pass this off to the subject matter experts, and the networking team takes over for quarantine, remediation, and cleanup.
“When you have those tight collaborations, you can say, ‘This is what we see, this is what needs to happen,’ and the handoff is much smoother,” Goerlich says.
Read the full article: https://www.darkreading.com/cloud/security-networking-collaboration-cuts-breach-cost/d/d-id/1337132
Wolf’s Additional Thoughts
When I built one of the first DevOps teams, a decade ago, I recognized the need for collaboration but greatly underestimated the impact of bringing teams together. By all metrics, our new combined team significantly and surprisingly beat out our previous separate teams. The industry has seen improvements year-after-year based on this simple concept. Create a common language, use a common set of tools, set a common set of goals, reduce barriers, and let the magic happen.
This is what excites me about SASE (Secure Access Service Edge). Imagine if we do with network operations and security operations what we previously did with development and IT operations. A decade from now, if we get that right, the productivity and pace of operations will be completely transformed.
Of course, that means pushing through the pushback to get staffing, reporting relationships, and budgets aligned. I’m not suggesting this is going to be easy. I’m simply saying we have a playbook to follow. Let’s do it.
This post is an excerpt from a press article. To see other media mentions and press coverage, click to view the Media page or the News category. Do you want to interview Wolf for a similar article? Contact Wolf through his media request form.