When we talk to security architects, one problem becomes very visible: Network operations does not talk enough to security operations and vice versa. We see another issue and that is the communication and cooperation between application owners and network and security people.
Often this is reduced to comments on ticket system, IT service management or other systems that people use to communicate and in their normal workflow.
What happens is what many people refer to siloization, the splitting of personnel, data etc. into disparate, isolated units with poor communications.
In a age where every company wants and needs to move faster (aka agile), this is not a great foundation, so many people are thinking of ways to break those silos up.
DevOps and SecDevOps are movements that actively work to break those silos up, to de-silo them and make development, IT operations and security operations work actively together.
Illumio is embracing that approach and we often find people from different silos using our tool as a base for communicating their needs and requirements to the other side by using our application dependency map or creating automated security segmentation policies along the way of their normal CI/CD pipelines.
It's great news that collaboration between Security and IT Operations teams is improving because that cooperation is critical to maturing the security posture of organizations. But the 2019 Dark Reading survey also uncovers some worrying obstacles, not least being the need for unified security and performance visibility in the cloud.