Tony King is NETSCOUT’s senior vice president, international, with responsibility for directing all sales into the company’s expansive service provider and enterprise customer base across the EMEA and Asia-Pacific regions. Tony has more than 30 years of experience working with the networking, security and telecom sectors. Prior to this role, Tony served as senior vice president, worldwide sales for the Arbor security offerings since 2013. He came to NETSCOUT via the Danaher Communications acquisition in 2015 as vice president of global sales, focused on maintaining market leadership in DDoS detection and mitigation and strengthening the global channels to market.
In today’s world, where the digital landscape is rapidly evolving, the cyber threat level is continuing to grow. Cybercriminals are constantly refining their attack techniques, developing increasingly complex and sophisticated cyberattacks.
The findings from NETSCOUT’s latest Threat Intelligence Report highlight this, with approximately 7.9 million distributed denial-of-service (DDoS) attacks taking place in the first half of 2023, representing a 31 per cent increase year-over-year. This equates to roughly 44 thousand DDoS attacks per day worldwide. In terms of attack methodologies, there was a near 500 per cent growth in HTTP/S application-layer attacks, as well as a 17 per cent increase in DNS reflection/amplification attacks from the second half of 2022 to the first six months of 2023.
As cybercriminals continue getting smarter and better at launching increasingly dangerous attacks and bypassing traditional defence systems more effectively than ever before, it is imperative for organisations to implement robust cybersecurity systems.
The benefits of cross-team collaboration
Two teams which play key roles in supporting a business’s security posture and ensuring smooth functioning of its network infrastructure are network operations (NetOps) and security operations (SecOps).
Traditionally, NetOps and SecOps teams have operated in their own silos, largely due to having different goals. Network teams focus on providing easy access to information and devices. In contrast, security teams focus on restricting access to information and devices. This leads to disparate tools and results in unmonitored areas within the network which threat actors can exploit.
Additionally, if a possible threat to an organisation is identified, it could take days or even weeks to investigate and resolve the issue due to a lack of communication and cooperation between the two teams. For instance, many security breaches are unearthed when operations or applications become slow, with a closer look revealing a security breach has taken place. Collaborating would ensure enterprises identify this potential breach before it becomes an issue and prevent it altogether.
Nowadays, as cybercriminals and the attacks they are launching become ever more threatening, it is increasingly important for there to be collaboration and data-sharing between the NetOps and SecOps departments.
When the two teams collaborate with one another, enterprises can reap several advantages. These include rapidly accelerating the time it takes to detect and respond to a threat. When these teams share and combine their network traffic data and threat intelligence, they are able to rapidly discover potential security breaches and swiftly analyse them. This collaborative approach ensures organisations can take a proactive approach to mitigating threats, diminishing the risk of significant damage or data loss.
Furthermore, cooperation can also lead to improved network performance. One of the key challenges faced by NetOps teams is ensuring optimal network performance. By sharing their security data with SecOps, NetOps departments gain an understanding of traffic patterns which may be the root cause of network congestion or performance problems. This information empowers them to act immediately, optimising network performance and assuring that critical systems receive the necessary bandwidth required for efficient and effective operation.
Adding to this, by sharing data, organisations are able to create a holistic view of network activities, enabling SecOps teams to share detailed visibility into traffic patterns with their colleagues in the NetOps department. This collaborative monitoring approach provides both teams with the ability to highlight anomalies, unusual behavioural patterns, and suspicious activity in a swift manner. Together, they can detect possible threats before they develop into something more sinister, further enhancing the business’ security posture.
Elsewhere, effective collaboration and communication between the two teams streamlines the compliance monitoring and reporting process, and also enables both departments to gain a more thorough understanding of one another’s goals and challenges.
Challenges data-sharing helps businesses to overcome
Data-sharing and cooperation between NetOps and SecOps teams also play a vital role in assisting organisations when it comes to overcoming a number of key challenges. Arguably the most significant of these concerns, which collaboration helps to overcome, is the issue of siloed data. When information is segregated and kept within individual teams, enterprises can lose sight of the bigger picture. Sharing data eliminates these barriers, making certain that relevant information is available to all stakeholders, leading to improved collaboration and more informed decision-making.
What’s more, collaboration facilitates timely identification and reaction to emerging threats, significantly reducing response times. In order to limit potential damage to an enterprise’s network infrastructure, rapid response to security incidents is imperative. Access to real-time information from both NetOps and SecOps teams ensures organisations are able to successfully neutralise threats before they are able to escalate.
Additionally, data-sharing can eradicate incomplete analysis. When information is siloed, both NetOps and SecOps teams will be unable to access detailed datasets, meaning they may find it problematic to conduct comprehensive network traffic analysis. By sharing data, these knowledge gaps are filled, equipping teams with an in-depth understanding of network activities. This enables them to make smarter, more thoughtful decisions, as well as to respond efficiently and effectively to potential threats.
As the rapid evolution of cyberthreats continues, collaboration between NetOps and SecOps teams is imperative for enterprises to ensure they maintain a robust security posture.
By sharing data and working together, businesses can enjoy faster network threat detection and mitigation, enhanced network performance, and improved visibility and monitoring. These combine to create a more secure, reliable, and efficient network infrastructure, protecting an enterprise’s sensitive data and preserving its reputation.
For organisations, tearing down data silos and adopting a collaborative approach is not simply a best practice – it is essential in the modern-day digital landscape. In the past 20 years, I have seen cyberthreats move from the old switch rooms (now data centres) to the board room as a business risk. It is important that both teams support each other to defend the integrity of the company’s data and the network infrastructure.