Tuesday, October 28, 2008

I recently attended a security conference as a member of a team presenting on log management and SIMs, and during one of the sessions a very interesting trend was introduced. A couple of companies have actually moved their network engineering team into the security group.

For those of us who’ve been watching and worrying about the future structure and service model of the traditional security operations team, this is quite a change in direction. I, personally, had envisioned that the security functions would end up distributed across all the other IT infrastructure delivery teams. I had discussed strategies where the security operations team would have shrunk and provided more of an oversight and governance model, relying on the other IT service delivery teams to perform the actual work of maintaining a secure environment and providing the reactive and proactive services related to IT security operations.

I hadn’t considered the other direction. But hearing about this new direction, and seeing how they found that this was a successful model, my eyes have been opened. It makes a lot of sense. We need network teams to be more security-focused, to have the skills to detect and respond to security threats effectively and efficiently. So other than moving a security person into an environment where the focus was on network operations, why not move the network functions into an environment that encourages a security-driven delivery? It provides a mechanism to enhance the function and capabilities of the team, by combining the two groups together rather than hoping that a single person or small group can make an impact on a much larger group. It is better to combine the groups rather than divide and try to conquer.

Now I am not saying the network people don’t care about security. I do not want to get hit by loads of e-mail from network people saying that I don’t know what I’m talking about. But I do think with the convergence of network and security, there has to be a convergence in the architectural engineering and delivery of network services to business. This convergence has been happening over the last two years with the introduction of technologies such as network access control, appliances that combine both network and security functions into a single unit, and the number of times that the reliance on each group has been a definitive success factor in delivering a secure environment.

So, in my humble opinion, this is a change in direction that actually could reap great benefits for all, and I wait to see whether other companies and organizations are going to adopt this new model. It actually makes a lot of sense.


Created by: Paul Davis
Category: Paul's Blog

