How to fix the disconnect between IT and the C-Suite

null

The view from the boardroom is always a little different than what those on the front lines of IT experience day-to-day. This isn’t inherently problematic, as members of the C-Suite have a fundamentally different job to do than those in IT. But when the disconnect between teams threatens the security of the corporate network, businesses need to take pause.    

In a recent survey that polled IT executives as well as the CEOs, CIOs, CISOs, and CTOs at large enterprises across the US, it’s become clear that as businesses are starting to hit this inflection point, workforces are becoming more distributed and IT can’t keep up. 

One key finding was that the majority of individuals polled at all levels of the corporate ladder aren’t confident in their network security when it comes to supporting mobile devices. In fact, 80 percent of the IT executives polled were not currently confident they could secure data traffic to and from mobile devices, which is alarming considering the uptick in mobile and remote workers across organizations of late. In fact, while 50 percent of the IT executive polled already claim their network capacity exceeds 10 Gbps – a massive jump from the business average just a few years ago – more than 74 percent expect to manage at least 10 Gbps by 2020.   

The dire outlook that IT has for their ability to secure mobile traffic in the future is itself frightening, but only 56 percent of the members of the C-Suite polled – again, compared to 80 percent of IT – share that same outlook. Considering IT represents the teams who are actually tasked with managing network security, such a massive disconnect indicates those in the boardroom may not be seeing the complete picture, and are woefully misinformed about the status of their network defenses. 

Concerns of IT must funnel up to the boardroom 

The survey goes beyond mobile devices, indicating that IT executives are seeing network challenges that are impacting the security of all users on the network broadly, not just remote workers. While mobile may be the primary driver of increased bandwidth needs, as most employees polled access organizational IT through smartphones, tablets and IoT devices, even those workers wired into the network at headquarters are affected by the holes in security that distributed business networks are prone to exposing. 

When discussing their top concern in the face of growing bandwidth needs, 32 percent of IT executives report that the cost of purchasing and installing security appliances was the top issue on their radar. The same percent of IT reported a lack of confidence in the ability of existing security solutions to scale up as their top concern. Twenty-four percent of IT saw the growing cost of network traffic as their chief worry as bandwidth demands explode, while the remaining 12 percent ranked bandwidth management as their primary concern. 

The decision makers in the C-Suite who allocate funds to addressing network needs must be aware of these concerns and ready to support their staff accordingly. Already, nearly half of the large enterprises with remote offices polled spend between $200,000 and $299,000 on backhauling data for those locations. Practically everyone who participated in the survey agrees that the cost of backhaul is likely to grow by 15 percent over the next three years. 

Businesses slow to embrace cloud gateway solutions 

Despite the massive changes networks will be forced to face as bandwidth needs grow, most of the businesses surveyed will continue to rely on traditional web gateway appliances to help secure the networks in the face of evolving cybersecurity threats. Almost half of the large enterprises polled currently use hybrid cloud and on-prem gateway appliances to protect remote network traffic, while 29 percent have only on-prem secure web gateway appliances and 27 percent have cloud-based solutions.   

While many of the enterprises that embrace on-prem appliances do so to maintain complete control of their data, this approach forces teams to purchase more appliances as bandwidth grows in the coming years, requiring IT to invest in backhaul that could break IT budgets. Despite the availability of cloud-based gateway solutions that could slash costs, 71 percent of IT execs who took part in the report plan to increase VPN investments as bandwidth blows up, while 56 percent are already seeing their backhaul budgets increase. 

Teams need to align, but new methods must be explored 

While those in the boardroom need to get on the same page as those managing their enterprise networks to adequately – and cost-effectively – secure their data, IT executives themselves need to be sure they aren’t relying on legacy hardware that could potentially limit their protections. Cloud-based secure web gateways, for instance, remove the need for businesses to backhaul data for remote or mobile users back to headquarters. This goes beyond just improving investment into backhaul, as cloud gateways can also alleviate latency issues that arise when throughput along backhaul networks gets clogged at times of high traffic. 

IT teams also need to make sure that new ways of thinking – exploring cloud-based solutions in favor of legacy on-prem products, for instance – are communicated to members of the C-Suite that are allocating budgets. If confidence in an organization’s cybersecurity is extremely low at the IT level, yet the C-Suite continues to invest in the same legacy solutions, the negative repercussions will only accumulate with time. IT teams may be viewed as incompetent as network performance lags, for instance, while high-profile breaches will damage the reputation of those in the C-Suite that could haunt them for years. 

The impetus falls on both parties – the boardroom and IT – to bridge communication gaps. While IT generally answers to those in the C-Suite, there are still ways to reach the C-Suite without being perceived as “overstepping.” Rather than speaking in technical terms to describe the challenges facing the network, avoid IT shorthand like “latency” and discuss the tangibles of network performance – slow networks that will, in turn, hamper employees’ ability to do business. Even just putting a dollar sign on the cost of on-prem hardware versus cloud solutions rather than discussing how it will affect network architecture is an impactful way to reach the boardroom on terms they can understand. 

The C-Suite needs to be proactive as well, scheduling and enforcing meetings with IT. CIOs in particular need to actively bridge communication between IT and the boardroom and be on the hook for making sure all necessary players are attending and responding to regular correspondence. Implementing the use of reporting tools, for instance, that IT can use to funnel information up to the CIO who can then translate key findings to the rest of the C-Suite is a great place to start.   

Looking at the whole picture is the only way forward for protecting enterprise networks as workers distribute, but making sure all stakeholders are referencing the same image to begin with is pivotal. 

Paul Martini, CEO and Co-founder of iboss 

Image Credit: SFIO CRACHO / Shutterstock