Three Ways to Drive Networking-Security Team Collaboration

May 24, 2021

The success of a secure access service edge (SASE) architecture depends on how well networking and security teams, and the products and services they manage, converge into a shared set of priorities tied to business objectives. Unfortunately, new research from Censuswide confirms this network-security team collaboration is still strained - if not downright combative - at a majority of enterprises.

Image

According to the research, more than 50% of CIOs believe that a lack of collaboration between teams stops organizations from realizing the benefits of digital transformation. With an estimated $6.8 trillion to be spent on digital transformation projects through 2023, we’re talking about a big spend. And it’s not as if we can sidestep these trends: 60% of organizations will have a SASE strategy in place by 2025, and 87% of organizations surveyed by Censuswide are either actively working on a digital transformation project or have just completed one.

Image

I read this research with familiar, but somewhat cynical curiosity. As a long-time CIO and technology executive, I’ve read variations on it for years, and very rarely do the data or commentary productively move beyond asking the network and security teams to have a “kumbaya” moment - get along, please!

Image

But as the Censuswide brief clearly spells out, the absence of collaboration has another byproduct: it’s starting to cost teams real money and real time. We can talk about why, but let’s also emphasize how - what can teams do today, and how can leadership guide better outcomes?

The following suggestions have worked for me and fellow CIOs to successfully enable better collaboration between siloed teams to accelerate digital transformation.

1. Use what DevOps has taught us
DevOps (and its variations, including DevSecOps) became a movement because of the inherent friction and misalignment between agile application development teams and IT operations teams in large, siloed organizations. At its core, DevOps is all about dedicated, empowered teams with all the skills necessary to deliver continuous value with minimal dependencies. In addition, many of the DevOps and agile practices, such as the use of Kanban boards and daily standups, can be easily transferred to network and security teams or any spot in the organization that would benefit from stronger cross-functional teamwork. In short, dedicated teams get stuff done.

2. Consider the SNOC
The idea of a combined SOC and NOC - known in some circles as a security and network operations center (SNOC) - is catching on as more companies realize that network access and security go hand-in-hand. The combined SNOC team allows organizations to improve efficiency and effectiveness through a single multi-skilled team without volleying incidents back and forth. The energy freed up from the combined team also allows for the investment in next-generation technologies such as AI/ML to augment human analysis and resolve incidents without manual intervention, driving further improvement.

3. Focus on a (short) list of business-critical metrics that transcend network-security boundaries
How would you best communicate to executive leadership, particularly the non-technical C-suite, that networking and security are working in harmony to maintain network infrastructure and support business objectives? That kind of reporting wouldn’t be the time for anecdotal highlights - or even kumbaya.

Exact metrics, or objectives and key results (OKR), will depend on the nature of the business and the maturity of the teams. What I like about OKRs is the focus on value creation while giving teams the autonomy to develop the solution. For that reason, OKRs work best in conjunction with cross-functional teams. If your teams are not ready for OKRs, metrics like mean time to resolution (MTTR), mean time to failure (MTTF)/mean time between failures (MTBF), or even better yet, customer satisfaction (your teams’ internal customers, too) are good places to start.

You do need a plan. Ultimately, without a good working relationship, you’re wasting time and money. Connect with me on LinkedIn and let’s talk about the suggestions above and ways you’re driving better collaboration - at any level.