73% of businesses suffer from security and compliance issues due to internal misalignment

According to Enterprise Management Associates (EMA) and the recently released research report by BlueCat, nearly 3 in 4 companies (73%) have experienced security or compliance issues in the past year, resulting directly from issues collaboration between cloud and network teams.

For security officials who have spent much of the past five years integrating better into networks, this represents a new Pandora’s box of risk that must be addressed.

The research, based on a survey of 212 network and cloud professionals, found that the consequences of dysfunction between these teams extend far beyond the realm of security. Not only are 72% of businesses struggling to get the most from their cloud investments, respondents admitted to having suffered a long list of repercussions. In the past year alone:

  • 89% experienced IT operating issues, such as delayed app deployments and poor user experience
  • 82% experienced business issues, such as customer churn and loss of revenue
  • 73% of organizations surveyed experienced security or compliance issues, such as regulatory fines or data breaches

The misalignment between the network and cloud teams is a lot like the historic disconnect that the network and security groups have struggled to overcome: they are separate groups, led by different leaders, who have separate goals. Except, here, it starts with the idea that one group is too slow to meet the needs of the other. Of course, it’s easier to set something up in a sandbox. More difficult – but more crucial – is to integrate that something into the larger networking and security ecosystem.

We see this dysfunction getting worse now than ever before as many organizations reach the tipping point of their cloud initiatives. They are getting too big for their proverbial sandbox and apps are coming out to play with the larger network.

Security managers should be concerned about the results of this research because it has direct implications for their teams. Below are some suggestions that security officials can take action on.

1. Advocate for integration among C-level peers

Only 34% of network and cloud professionals believe their leaders are doing a very good job supporting collaboration. The number doubles in companies that rate themselves as very successful in getting the full benefits of their cloud investments.

Leaders who push responsibility for supporting integration to lower levels are less likely to properly support their teams. Already, 41% of cloud adoption is not led by centralized IT management, but rather by non-technical management, or individual business units and individual developers. They clearly failed to figure it out.

As a security leader, getting involved in discussions between your cloud and network peers can help establish some of the right upstream processes that are needed to support your programs and reduce risk as well.

2. Support the [re]unification of critical functions such as security, compliance, DDI

The EMA recommends unifying some key functions. Among them: security, compliance, DNS and IP address management. As an example of what not to do, the EMA cites data from respondents who indicated some level of silos in the management of their IP address. Almost all of them have also failed to get the full benefit of their cloud investment.

As cloud adoption threatens to fragment the network, advocate for unifying the services you see as essential. Security and compliance are natural candidates, but managing DNS, DHCP, and IP addresses is also paramount.

3. Make sure teams embracing the cloud have the skills they need, including security concepts and cost monitoring

Finally, IT managers need to bridge the skills gaps between cloud and network teams. The skills respondents indicated to be the most important to have when designing, building and managing hybrid and multi-cloud networks include:

  • cloud provider network functionality skills
  • network security concepts
  • monitoring / management of costs and interpersonal skills

This is what both teams should be focusing on when trying to fill skills gaps.

These skills gaps can be filled through training, giving network and cloud teams access to the technologies and tools used by their peers in the other silo, or simply by equipping teams with people with those skills. Either way, shared access to tools and technology will give these teams hands-on experience that will help them acquire the skills they need, but leaders today need to fill the gaps.

Offering to provide a member of your group if you find that your cloud center of excellence does not have anyone is an interesting approach.

Conclusion

In the end, successful cloud adoption, from a business, operations and security perspective, requires a strong alignment among the diverse group of professionals who truly understand the requirements of the network. While the research focused specifically on the relationship between cloud and network teams, the role of the security leader here is evident.

About Jason Norton

Check Also

Entertainment awards pour in for young Wandisa

This Grade 10 student from Mashishing High School won an international modeling contract at the …

Leave a Reply

Your email address will not be published. Required fields are marked *