By Tony King, SVP International at NETSCOUT
In today’s world, where the digital landscape is rapidly evolving, the cyber threat level is continuing to grow. Cybercriminals are constantly refining their attack techniques, developing increasingly complex and sophisticated cyberattacks.
Our findings reinforce this, with approximately 7.9 million distributed denial-of-service (DDoS) attacks taking place in the first half of 2023, representing a 31 percent increase year-over-year. This equates to roughly 44 thousand DDoS attacks per day worldwide. In terms of attack methodologies, there was a near 500 per cent growth in HTTP/S application-layer attacks, as well as 17 percent increase in DNS reflection/amplification attacks from the second half of 2022 to the first six months of 2023.
As cybercriminals continue getting better at launching increasingly dangerous attacks and bypassing traditional defense systems more effectively than ever before, it is imperative for organizations to implement robust cybersecurity systems.
The Benefits of Cross-Team Collaboration
Two teams which play key roles in supporting a business’s security posture and ensuring smooth functioning of its network infrastructure are network operations (NetOps) and security operations (SecOps).
Traditionally NetOps and SecOps teams have operated in their own silos, largely due to having different goals. For network teams, their attention is on providing easy access to information and devices. In contrast to this, security teams are focused on restricting access to information and devices. This leads to disparate tools and results in unmonitored areas within the network which threat actors can exploit.
Additionally, if a possible threat to an organization is identified, it could take days or even weeks to investigate and resolve the issue due to a lack of communication and cooperation between the two teams. For instance, many security breaches are unearthed when operations or applications become slow, with a closer look revealing a security breach has taken place. Collaborating would ensure enterprises identify this potential breach before it becomes an issue and prevent it all together.
Nowadays, as cybercriminals and the attacks they are launching become ever more threatening, it is increasingly important for there to be collaboration and data-sharing between the NetOps and SecOps departments.
When the two teams collaborate with one another, enterprises can reap several advantages. This includes rapidly accelerating the time it takes to detect and respond to a threat. When these teams share and combine their network traffic data and threat intelligence, they can rapidly discover potential security breaches and swiftly analyse them. This collaborative approach ensures organisations can take a proactive position to mitigating threats, diminishing the risk of significant damage or data loss.
Furthermore, cooperation can also lead to improved network performance. One of the key challenges faced by NetOps teams is ensuring optimal network performance. By sharing their security data with SecOps, NetOps departments gain an understanding of traffic patterns which may be the root cause of network congestion or performance problems. This information empowers them to act immediately, optimising network performance and assuring that critical systems receive the necessary bandwidth required for efficient and effective operation.
Adding to this, by sharing data, organizations can create a holistic view of network activities, enabling SecOps teams to share detailed visibility into traffic patterns with their colleagues in the NetOps department. This collaborative monitoring approach provides both teams with the ability to highlight anomalies, unusual behavioral patterns, and suspicious activity in a swift manner. Together, they can detect possible threats before they develop into something more sinister, further enhancing the business’ security posture.
Elsewhere, effective collaboration and communication between the two teams streamlines the compliance monitoring and reporting process, in addition to also enabling both departments to gain a more thorough understanding of one another’s goals and challenges.
How Data-Sharing Helps Businesses Overcome Challenges
Data-sharing and cooperation between NetOps and SecOps teams also plays a vital role in assisting organizations when it comes to overcoming several key challenges. Arguably the most significant of these concerns, which collaboration helps to overcome, is the issue of siloed data. When information is segregated and kept within individual teams, enterprises can lose sight of the bigger picture. Sharing data eliminates these barriers, making certain that relevant information is available to all stakeholders, leading to improved collaboration and more informed decision-making.
What’s more, collaboration facilitates timely identification and reaction to emerging threats, significantly reducing response times. To limit potential damage to an enterprise’s network infrastructure, rapid response to security incidents is imperative. Access to real-time information from both NetOps and SecOps teams ensures organizations can successfully neutralise threats before they are able to escalate.
Additionally, data-sharing can eradicate incomplete analysis. When information is siloed, both NetOps and SecOps teams will be unable to access detailed datasets, meaning they may find it problematic to conduct comprehensive network traffic analysis. By sharing data, these knowledge gaps are filled, equipping teams with an in-depth understanding of network activities. This enables them to make smarter, more thoughtful decisions, as well as to respond efficiently and effectively to potential threats.
As the rapid evolution of cyberthreats continues, collaboration between NetOps and SecOps teams is imperative for enterprises to ensure they maintain a robust security posture.
By sharing data and working together, businesses can enjoy faster network threat detection and mitigation, enhanced network performance, and improved visibility and monitoring. These combine to create a more secure, reliable, and efficient network infrastructure, protecting an enterprise’s sensitive data and preserving its reputation.
For organizations, tearing down data silos and adopting a collaborative approach is not simply just a best practice – it is essential in the modern-day digital landscape. In the past 20 years, I have seen cyberthreats move from the old switch rooms (now data centers) to the board room as a business risk. It is important that both teams support each other to defend the integrity of the company’s data and the network infrastructure.
About the Author
Tony King is NETSCOUT’s Senior Vice President, International Sales with responsibility for directing all sales into the Company’s expansive service provider and enterprise customer base across the EMEA and Asia-Pacific regions. Mr. King has a proven track record in building open, collaborative and international sales cultures that have produced strong and sustained revenue growth.
Prior to this role, Mr. King had served as Senior Vice President, Worldwide Sales for the Arbor security offerings since 2013. He came to NETSCOUT through the Danaher Communications Acquisition in 2015 as Vice President of Global Sales, focused on maintaining market leadership in DDoS detection/mitigation and strengthening the Global Channels to market.
Mr. King has over 30 years of Networking/Security/Telecom sales and sales leadership experience globally. Prior to joining NETSCOUT, Mr. King has held various roles within Arbor Networks. In his previous role as VP EMEA, Mr. King was directly responsible for driving revenue and building out the EMEA team over a successful 5-year period. Before joining Arbor in 2003, Mr. King served at Avici Systems as Sales Director. Prior to that, he worked for Ericsson’s Datacom division as Regional Sales Director.