@ema_research
| @ema_research
From Adversaries to Allies:
Bridge the NetOps/SecOps Gap
with Network Observability
Shamus McGillicuddy
VP of Research
Network Infrastructure and Operations
Enterprise Management Associates (EMA)
Daniel Smallwood
Software Senior Sales Engineer
LiveAction, a BlueCat Company
Watch the On-Demand Webinar
• From Adversaries to Allies: Bridge the NetOps-SecOps Gap with Network Observability On-Demand Webinar:
https://info.enterprisemanagement.com/bridge-the-netops-secops-gap-with-network-observability-ss
© 2025 Enterprise Management Associates, Inc.
Featured Speakers
Shamus is a Vice President of Research at EMA,
where he leads the network infrastructure and
operations practice. He has nearly two decades of
experience in the IT industry. His research focuses on
all aspects of managing enterprise networks,
including network automation, AIOps-driven network
operations, multi-cloud networking, and WAN
transformation.
Daniel is a Senior Solutions Engineer with LiveAction
Software, a BlueCat Networks company. For over 20
years, Daniel has been a dedicated and versatile
Security engineer with a background in systems
engineering, information security, IT, and operations.
NetSecOps Partnerships are Expanding
NetSecOps Alignment is Expanding
Source: EMA, “NetSecOps: Examining How Network and Security Teams Collaborate for a Better Digital Future,” January 2024
Many network and security silos are collapsing
Collaboration between network and security teams is intensifying
Poll Question 1
Over the last two years have you seen an increase or reduction in
collaboration between your organization’s networking and
security teams?
• Increased collaboration
• Reduced collaboration
• No change
Why are These Teams Coming Together?
Technologies and initiatives most responsible for collaboration:
40% IT/network automation strategy
31% Hybrid cloud
29% Secure access service edge
28% Internet of Things/operational technology
28% Multi-cloud architecture
24% Remote/Hybrid work
Business issues that encourage collaboration:
30% IT labor issues/skills gaps
29% New regulatory requirements
27% Recent cybersecurity incidents
25% Budget challenges
Security Teams Need Network Data
96% say the security team’s need to analyze network data is driving collaboration
Subject matter experts perceive this driver more than management
Network data is a bigger driver if an organization has experienced recent cybersecurity incidents
Concerns about data quality rise with this need for network data
Packets are a Particular Focus
How valuable is it for your security team to have access to full packet data associated with the traffic that traverses your organization’s network?
Top use cases:
40% Investigating alerts from endpoint security tools
35% Investigating alerts from network security tools
33% Investigating alerts from SIEM/SOAR/XDR
30% Investigating data exfiltration – more common in NOCs and in the midmarket (1k to <5k people)
28% Investigating indicators of compromise
Network engineering and cybersecurity teams are more likely to see the importance of packets
Network Observability and Collaboration
89% of Network Teams Say Their Observability Solutions Provide Security Insights
Tools with valuable security insights correlate with successful NetSecOps collaboration
Warning sign: IT middle management and executives perceive more value than subject matter experts
How valuable are the security insights that your network performance monitoring tools provide?
Insights of interest:
52% Network detection and response
43% Health/performance reporting on network security infrastructure
40% Correlations of performance issues with indicators of compromise
31% Inventory assessments
30% Forensic analysis of incidents
IT Pros Believe a Shared Monitoring Tool Across Network and Security Teams is Valuable
Perceived value is higher when NetSecOps collaboration is driven by adoption of:
• Secure access service edge
• Public cloud, especially multi-cloud
If your network and security personnel adopted a shared tool for network performance monitoring and network security monitoring, do you think such a tool would be valuable?
Poll Question 2
Is your organization interested in adopting a shared network
monitoring tool that is used by both your networking and security
teams?
• Yes
• No
• We already have one
Potential Impacts of Shared Observability Tools
42% Faster incident response/problem resolution
40% Greater network coverage
36% Cost-efficiency
36% Proactive problem detection
36% Optimized data management
32% Collaboration enablement
Collaboration enablement has more value when network and security teams are siloed
Successful NetSecOps collaborators focus on better data management
92% Perceive Barriers to Shared Observability
36% Security risk
27% Training requirements
26% Conflicts over budget/shared costs
26% Access control complexity
25% Contention over usage or access
24% Cultural resistance
22% Conflicts over tool strategy/selection
Perception gap about challenges
IT executives (16%) and middle managers (17%) more likely than subject matter experts (2%) to report no barriers
NetSecOps Outcomes and Best Practices
Only 45% Report NetSecOps Collaboration is Completely Successful
Top Overall Challenges to NetSecOps Partnership
The Payoff: Top Benefits of NetSecOps Collaboration
43% Reduced security risk
40% Operational efficiency
40% Faster resolution of network and application trouble
39% Faster detection/resolution of security issues
39% Cost savings
35% Network resilience
NetSecOps Best Practices
Executive buy-in is essential
Drive formalized best practices
Consolidate middle management
Expand budgets
Partial convergence is a half measure that doesn’t work
Establish deep visibility into cloud traffic
Focus on optimizing data management across network and security teams
Adopt network observability tools that provide:
• Full packet visibility
• Strong security insights
• Application-layer intelligence (both app performance and app security)
NetSecOps
Real-World Examples of Data Sharing Between NetOps & SecOps
Daniel Smallwood – LiveAction/BlueCat
DNS Data Sharing Boosts Both Teams
• Problem: DNS Attribution
  • Security teams needed endpoint-level DNS data for threat hunting
  • NetOps controlled DNS logs but were hesitant to expose production Active Directory (AD) data
• Solution:
  • NetOps enabled debug logging and provided read-only access to logs
  • Risk was high due to production AD environment
• Impact:
  • SecOps built a database to track IoCs (Indicators of Compromise) to endpoints
  • Enabled User Behavior Analytics (UBA) around DNS activity
  • SecOps detected anomalies in DNS operations, proactively informing NetOps
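A sketch of the IoC-to-endpoint attribution described on this slide, added here as an illustration and not taken from the webinar or from LiveAction/BlueCat tooling. It assumes the logs follow the Windows DNS Server debug-log packet layout; the log lines, client addresses and IoC domains are constructed.

```python
import re
from datetime import datetime

# Constructed sample lines in the Windows DNS Server debug-log packet layout
# (assumed format; the slide does not name the DNS server product).
SAMPLE_LOG = """\
10/21/2024 9:14:03 AM 0F2C PACKET  000001D2A3B4C5D0 UDP Rcv 10.20.30.41     a1b2   Q [0001   D   NOERROR] A      (3)www(7)example(3)com(0)
10/21/2024 9:14:05 AM 0F2C PACKET  000001D2A3B4C6E0 UDP Rcv 10.20.30.41     a1b3   Q [0001   D   NOERROR] A      (3)cdn(6)bad-c2(7)example(0)
10/21/2024 9:14:05 AM 0F2C PACKET  000001D2A3B4C6E0 UDP Snd 10.20.30.41     a1b3 R Q [8081   DR  NOERROR] A      (3)cdn(6)bad-c2(7)example(0)
10/21/2024 9:20:41 AM 0F2C PACKET  000001D2A3B4C7F0 UDP Rcv 10.20.30.77     77c0   Q [0001   D   NOERROR] TXT    (4)d4t4(5)exfil(4)test(0)
10/21/2024 9:44:05 AM 0F2C PACKET  000001D2A3B4C8A0 UDP Rcv 10.20.30.41     a1f9   Q [0001   D   NOERROR] A      (6)BAD-C2(7)example(0)
"""

# Constructed IoC domains under reserved TLDs (placeholders, not real indicators).
IOCS = {"bad-c2.example", "exfil.test"}

PACKET_RE = re.compile(
    r"^(?P<ts>\d+/\d+/\d+ \d+:\d+:\d+ [AP]M) \S+ PACKET\s+\S+ (?:UDP|TCP) "
    r"(?P<dir>Rcv|Snd) (?P<client>\S+)\s+\S+\s+(?P<resp>R )?Q \[[^\]]*\]\s+"
    r"(?P<qtype>\S+)\s+(?P<name>\(\S+)$"
)

def decode_name(raw):
    """Turn the length-prefixed form (3)www(7)example(3)com(0) into www.example.com."""
    labels = re.findall(r"\(\d+\)([^()]*)", raw)
    return ".".join(label for label in labels if label).lower()

def match_ioc(domain, iocs):
    """Return the IoC that equals the queried name or is a parent zone of it."""
    for ioc in iocs:
        if domain == ioc or domain.endswith("." + ioc):
            return ioc
    return None

def attribute(log_text, iocs):
    """Map (client IP, IoC) to hit count, first/last seen and query types."""
    hits = {}
    for line in log_text.splitlines():
        m = PACKET_RE.match(line.strip())
        if not m or m["dir"] != "Rcv" or m["resp"]:
            continue  # keep only queries received from clients, not responses
        ioc = match_ioc(decode_name(m["name"]), iocs)
        if ioc is None:
            continue
        ts = datetime.strptime(m["ts"], "%m/%d/%Y %I:%M:%S %p")
        rec = hits.setdefault((m["client"], ioc),
                              {"count": 0, "first": ts, "last": ts, "qtypes": set()})
        rec["count"] += 1
        rec["first"], rec["last"] = min(rec["first"], ts), max(rec["last"], ts)
        rec["qtypes"].add(m["qtype"])
    return hits

if __name__ == "__main__":
    for (client, ioc), rec in sorted(attribute(SAMPLE_LOG, IOCS).items()):
        print(client, ioc, rec["count"], rec["first"], rec["last"], sorted(rec["qtypes"]))
```

Filtering to received queries keeps the client address column meaningful as the querying endpoint; response lines carry the same address and would otherwise double-count.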
NetOps Leverages SecOps PCAP to Uncover Layer 1 Issues
• Problem:
  • Perimeter equipment showed unexplained performance issues
  • SecOps noticed network anomalies in their logs
• Solution:
  • Retrieved packet capture (PCAP) from a security device monitoring the segment
• Impact:
  • Analysis revealed excessive CSMA/CD jamming signals (1010101010101010)
  • Determined segment length exceeded IEEE 802.3 limits
  • Led to targeted physical infrastructure corrections
VIP Account Lockout Investigation
• Problem:
  • A VIP’s account repeatedly locked out, causing frustration
  • NetOps suspected a systemic issue and sought SecOps help
• Solution:
  • SecOps used behavioral data and tooling to identify the endpoint causing the issue
  • Found a forgotten laptop running with expired credentials, triggering lockouts at intervals
  • SecOps pinpointed the laptop’s location for NetOps to address
• Impact:
  • NetOps resolved the issue, restoring their credibility with the VIP
  • SecOps enhanced account lockout detection as part of their security monitoring
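One way to detect the "lockouts at intervals" pattern from this slide, added here as an illustration and not taken from the webinar or the presenters' tooling. It assumes each lockout record carries the account and the source host of the failed logons; the records, host names and thresholds are constructed.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed lockout records: (time, account, source host of the failed logons).
SAMPLE_EVENTS = [
    ("2025-03-04 08:00:10", "vip.exec", "LAPTOP-OLD"),
    ("2025-03-04 08:05:00", "jdoe", "WS-114"),
    ("2025-03-04 08:07:30", "jdoe", "WS-114"),
    ("2025-03-04 08:30:12", "vip.exec", "LAPTOP-OLD"),
    ("2025-03-04 09:00:09", "vip.exec", "LAPTOP-OLD"),
    ("2025-03-04 09:12:44", "vip.exec", "WS-EXEC-01"),
    ("2025-03-04 09:30:11", "vip.exec", "LAPTOP-OLD"),
    ("2025-03-04 10:00:10", "vip.exec", "LAPTOP-OLD"),
    ("2025-03-04 11:42:00", "jdoe", "WS-114"),
    ("2025-03-04 15:10:00", "jdoe", "WS-114"),
]

def periodic_lockouts(events, min_events=4, max_cv=0.10):
    """Flag (account, source) pairs whose lockouts recur at a near-constant interval.

    A stale device retrying cached credentials produces evenly spaced lockouts,
    so the coefficient of variation (stdev / mean) of the gaps is close to zero.
    A person mistyping a password produces irregular gaps and a high value.
    """
    by_source = defaultdict(list)
    for ts, account, source in events:
        by_source[(account, source)].append(datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"))

    findings = []
    for (account, source), times in sorted(by_source.items()):
        if len(times) < min_events:
            continue  # too few lockouts to judge regularity
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg == 0:
            continue  # duplicate timestamps only, no interval to measure
        cv = pstdev(gaps) / avg
        if cv <= max_cv:
            findings.append({
                "account": account,
                "source": source,
                "events": len(times),
                "period_s": round(avg),
                "cv": round(cv, 4),
            })
    return findings

if __name__ == "__main__":
    for finding in periodic_lockouts(SAMPLE_EVENTS):
        print(finding)
```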
Learn more about how LiveAction Software, a BlueCat company,
can help your organization!
Contact us at
sales@liveaction.com