- Security TWENTY
- Women in Security Awards
Businesses have already found savings by using cloud security to replace legacy security appliances and reduce bandwidth requirements, according to research by a cloud security and firewall product company. Savings are coming from hardware and appliance replacement including VPNs (say 25pc of those surveyed), reduced bandwidth needs (23pc), and vendor consolidation (21pc). Replacing costly firewalls (with Firewall-as-a-Service FWaaS) in particular has produced savings for 21pc of IT teams.
The research was by the company Netskope to see European CIO and CISO intentions and practices. Very near all, 99.5pc of research respondents are undertaking network and security transformation projects in the next five years, and more than half are already under way or lined up for the next 12 months. The question the research looked to answer was; what does this mean in practice for teams, budgets, skills, and suppliers?
The survey suggested a lack of clarity over who should take responsibility – and pay – for key transformation projects and frameworks such as SASE (pronounced sassy, short for Secure Access Service Edge) and ‘Zero Trust’. One in three network and security teams are going to merge within the next two years, driven by a signifiant growth in cloud use which, according to CIOs and CISOs; “makes the separation of teams unhelpful”.
Most, 92pc of CIOs do not intend to converge network and security budgets, even when they merge the teams, potentially risking internal friction. About one in four, 27pc of IT heads are moving responsibility and funding for network security to the security team to fund SASE and Zero Trust, but the same number (27pc) is pushing security budgets in the other direction, handing them to network and infrastructure teams to fund a security-by-design approach.
Some, 28pc of survey participants decreed that SASE was owned by networking teams, with only 18pc deeming it to be the responsibility of security and 31pc saying it was shared
Given this lack of market consistency, it is the firm says unsurprising that 28pc of CIOs and CISOs expect network and security teams to continue to compete for ownership of projects.
As for people, near half, 46pc of survey participants stated either that they are already struggling to find suitable candidates for their security roles or that they anticipate difficulty. Some 38pc plan to look for candidates outside of the cyber skills or IT markets and re-skill them, while 30pc intend to move staff from networking, help-desk and other internal teams.
Neil Thacker, CISO EMEA at Netskope said: “Two items really stood out for me from our research findings. The first is the universal intention among European organisations to transform network and security architectures. The second was that despite this goal being shared by 99.5pc of CIOs and CISOs, there is no general consensus around how best to do this. A lot of resource and budget will be invested in the coming 24 months in the name of transformation, and there are huge cost savings and business improvements to be found. This is a once-in-a-career architectural transformation opportunity and it’s imperative that outcomes are not jeopardised by internal land-grabs, unnecessary bureaucracy and politics, or a simple lack of collaboration between professionals in network and security roles.
“Leaders seem to be saying they understand that their teams need to unite behind shared goals, but they need to ensure they eradicate the political divide that many organisations see across their IT and security teams today. SASE can be successfully implemented by separate network and security teams as long as they collaborate, but there remains a real risk that teams will be frustrated by disparate network and security systems that don’t provide a future-proof architecture that supports the overall company vision.”