The Janus Effect
The cybersecurity industry has grown exponentially over the past decade with an expectation that the global market will reach $300 billion by 2024. Yet as the industry to protect networks has grown, the industry attacking it, has grown in parallel. Phishing campaigns are still gaining access to data at an unprecedented rate, costing American organizations up to half a billion dollars a year and showing no signs of slowing down. Data theft is rampant across the globe, and that information is being sold to the highest bidder, creating financial incentive and perpetuating the cycle of cybercrime. Yet, where the corporate network is concerned, that is only half the story with IT Teams facing pressures to increase speed and productivity while adding the latest technologies to keep competitive in the marketplace.
Head in the clouds
Adding to the load are companies’ voyage into a digital environment and transitioning to the cloud. While this migration to the cloud is more cost efficient, cybercriminals are coming along for the ride as well with sensitive data as the ultimate prize. Using stolen credentials, cybercriminals are hacking cloud-based email services starting with phishing attacks or taking advantage of configuration errors. Web applications are targeted to secure credentials to access cloud-based email accounts. Web applications, privilege misuse, and cyber-espionage represent 71 percent of breaches according to the Verizon 2019 Data Breach Investigations Report.
Companies have failed to stem the growing velocity of data theft because, in many cases, the security and network teams have not been able to collaborate and communicate effectively. This challenge is also compounded by the size of the organization. In large, complex, and multivendor environments, network and security teams often operate separately and view each other as obstacles to getting their jobs done. It is the schism that leads to high profile data thefts regardless of more people, more budget, and more deployed security tools.
Budgeting for the great divide
In fact, 89 percent of companies expect their IT budgets to grow or stay steady in 2019, according to Spiceworks 2019 State of IT Report. A significant portion of that is allocated to update IT Infrastructure. Yet the network, one of the greatest of IT investments, is also the most underutilized.
Network traffic alone accounts for 37 percent of data thefts according to a McAfee report and database leaks is just ahead at 38 percent. Data exfiltration is just one example where key employees are targeted with phishing emails, and someone makes that fateful click. With valid credentials in hand, bad actors gain a foothold, move laterally and eventually find data worth stealing. They then begin to transfer that data out of the network through a ‘low and slow’ method. Eventually, over time, if this data transfer goes un-noticed, the bad actor is successful in their theft. If the security team does not have access to network-related visibility, they will never see this data movement. The networking team may see the data movement, but since they are not tasked with catching data exfiltration, they are not looking for it.
A significant cause for these siloed environments is the separate allocation of budget across network and security teams. Both teams require visibility into the network to do their job, and each team uses its budget to purchase products to deliver that visibility. Most vendors are building products that target either the network or the security team, which leads to duplicative technologies being purchased at twice the cost. This scenario exacerbates the problem of poor communication and no collaboration allowing network and security teams to become stuck in a loop that leaves the organization at even greater risk.
Given how much data is compromised via network traffic, without a platform to analyze the data, organizations will continue to be unaware of breaches, and data theft and their data will be further compromised.
Investing in a united view
The future of security is going to rely upon improved collaboration between the network and security teams. The network can serve as the greatest source of truth for both operations and security teams if leveraged to its full potential while making significant savings in operational expenditures.
Network infrastructure can natively gather metadata about every business transaction that crosses it and export it to a central platform for the collection, monitoring, and analysis. When NetOps and SecOps are joined collaboratively, they can extract the true value from a single, shared platform and are able to discover important insights that lead to smarter decisions enabling a more secure and efficient organization.