Since well before the internet age, the network has been fundamental to businesses. Network infrastructure is the backbone of all business communications. It makes possible the exchange of data, voice, and video for all business functions. The challenge is that networks have rapidly evolved beyond the initial designs and concepts that were implemented decades ago. Today's network infrastructure teams rarely get a chance to reset, rebuild, and redesign what they've evolved into. Instead, they're forced to retool—bolting on new technologies and capabilities to keep up with the latest digital innovations.
This reactive mode has created sprawling, massively complex network environments that have grown beyond the means of control. This is an especially critical issue as we consider the future of securing data, protecting users, and running our businesses without interruption. So the question becomes, how do we enable the network to be a part of and enhance the security framework as businesses evolve?
Collateral Consequences of the Cloud-first Era
Digital transformation has transitioned businesses from building their own applications to buying applications in software-as-a-service (SaaS)-based environments. Cloud-based infrastructure-as-a-service (IaaS) architectures now provide instant scalability and flexibility. But these innovations have had impacts beyond business enablement.
Even just ten years ago, most business traffic would have been internal, as were the corporate users. As both applications and data are shifting to the cloud, and users are working in remote or hybrid models, the vast majority of traffic now needs to go out to the web—either being forced to hairpin back to a centralized security stack for some level of inspection first, creating inefficient routes and latency, or bypassing the data center’s centralized security stack altogether. Due to these new traffic patterns, organizations no longer have visibility into most of their traffic or the ability to know the context of what's happening with their data.
Digital transformation accelerated a path that legacy infrastructure and network environments can no longer support. As this model matures, security and network teams need to catch up so that they’re enablers and accelerators of a company’s digital capabilities instead of roadblocks.
Effective Convergence Requires Meaningful Collaboration
Historically, network and security teams were independent. The two teams usually didn't partner together and instead just had to accept each other’s requirements. But with the emergence of secure access service edge (SASE) architectures and new zero trust frameworks, networking and security capabilities are converging. As a result, both teams now need to collaborate to be successful.
A network engineer cares about prioritized speed and delivery of a packet, whereas a security engineer thinks about prioritizing security over speed. This is fundamentally what has put these two teams at odds in the past. But as we increasingly become a cloud-first world, security and networking need to unify on a single, common objective: becoming a combined force in stopping outside threat actors from impacting the business.
So how can companies change the old oppositional team dynamics and facilitate collaboration? To design a successful strategy for the future, companies will need to bring together forward-thinking innovators on both sides. They should form a virtual team of thought leaders between network and security to design a single cohesive set of goals that address both of their challenges and adopt a single, unified mindset for how to work going forward. Network engineers must consider how their implementations will impact threat exposure, while security leaders must account for application performance and user experience when it comes to controls and policy enforcement.
Going forward, the combined strengths and expertise of two teams are better than those of one. This will lead to building more robust and scalable systems with optimizations that can be realized from both directions.
A Shared Vision for a Secure Future
The convergence of cybersecurity and networking into a cloud-first operating model is essential for businesses to catch up with the current cloud-first trend and continue to evolve. But this means that both network and security teams will need to learn how to collaborate much more closely.
If we can create the next generation of interconnectivity for business with both inherent controls and visibility, that will give the network teams the access they need to perform the proper mitigations as well as insight into traffic to make intelligent decisions based on security controls.
Gerry Plaza is Field CTO/Chief Strategy Officer at Netskope.