Cato Networks today added an extended detection and response (XDR) service to its secure access service edge (SASE) platform to simplify centralizing the management of security and networking services.

In addition, Cato Networks has added an endpoint protection platform (EPP) service based on software from Bitdefender.

Eyal Webber-Zvik, vice president of product marketing for Cato Networks, said collectively, this approach will help reduce the total cost of IT by making it simpler to integrate networking and cybersecurity at a time when many organizations are shifting more responsibility for security operations to IT operations teams.

XDR platforms are designed to make it simpler to integrate data from multiple security tools using a standard format to improve cybersecurity by making it easier to respond more adroitly to threats. Rather than having to deploy agent software everywhere, the XDR service from Cato Networks leverages agents already deployed alongside data collected from third-party tools, noted Webber-Zvik. Cato Networks, for example, has previously integrated firewalls and other cybersecurity tools and frameworks into a SASE platform that is centrally managed via the cloud.

The overall goal is to make it simpler for cybersecurity teams to correlate threat intelligence generated by multiple tools without necessarily having to replace them with one single platform, said Webber-Zvik.

In general, the decision as to how to manage security operations is now being made by CISOs and CIOs, who are now working more collaboratively, noted Webber-Zvik. Many organizations now realize the best way to address the ongoing cybersecurity skills shortage is to shift more responsibility for security operations to IT teams, he added.

It’s not clear how quickly organizations are folding security operations into IT operations, but that approach should free cybersecurity teams to focus more on implementing the right policies and controls to secure attack surfaces that only continue to expand. At the same time, the volume and sophistication of the attacks being launched continue to grow. Every minute spent on security operations is one less minute cybersecurity teams will have to discover and mitigate those threats.

Ultimately, the unification of security and IT operations should provide a firmer foundation for applying artificial intelligence (AI). As the collection of metrics becomes more unified, it becomes simpler for machine learning algorithms to discover anomalies in normalized data that might be indicative of a breach.

In the meantime, cybersecurity teams should try to spend more time bridging the cultural divide that often exists between them and IT operations teams, which tend to be more focused on the availability of services than cybersecurity. It will require a significant amount of hands-on training for IT operations teams to assume more responsibility for security operations. Providing that training required security and IT operations staff to work together shoulder-to-shoulder.

Hopefully, all that collaboration will even the cybersecurity odds that, today, are stacked against most organizations. Despite whatever friction that exists between cybersecurity and IT operations teams, the most important thing for those teams to remember is their common enemy has a lot more resources at their disposal than they do.