OnPage Corporation is the Secure Messaging/Critical Alerts Leader: Learn More…
IT Security And Operations Staffs Often Work At Cross-Purposes
Article Courtesy of: Forbes
Hackers and state-sponsored cyber armies aren’t the only security threats large enterprises face today.
Some of the biggest risks come from outdated and poorly synchronized internal procedures that thwart efforts to quickly defend against known threats. For example, 44% of executives in North America and Europe say security breaches occur even when vulnerabilities and their remediation have already been identified.
The result: many enterprises face unnecessary risks to data loss and production downtime.
One reason: while the joint efforts of security and IT operations ultimately deter- mine an enterprise’s security strength, the individual goals of these two groups are often misaligned, thanks to conflicting responsibilities and different metrics for evaluating and rewarding successful performance. The result is what industry analysts are calling a “SecOps gap,” where poor collaboration between these two groups results in unnecessary security vulnerabilities, business-system downtime, excessive labor costs and challenges meeting regulatory requirements.
These problems came to the forefront in an exclusive new survey by Forbes Insights and BMC of senior security and IT managers at large enterprises in North America and Europe. A series of in-depth interviews with executives on both continents uncovered best practices for balancing security, IT system uptime and regulatory compliance. A common theme emerged from the survey and the one-on-one interviews: today’s enterprises need a modern game plan that uses technology, people and processes to close the SecOps gap.
Some key findings from the report:
- 60% of respondents say operations and security teams have only a general or little understanding of each other’s requirements.
- 42% of executives report that poor coordination leads to excessive labor costs in security and IT operations departments.
- 50% of enterprises experience outages and poor performance in IT systems due to poorly applied security patches.
- 52% of enterprise leaders in North America and Europe equate regulatory compliance with tighter security.
- 60% of North American firms and 37% of European firms expect to purchase or implement a SecOps solution in the next 12 months.
To better understand the SecOps gap and why it exists, consider the core responsibilities of two key stakeholder groups: chief information and chief information security officers on one hand and vice presidents of operations on the other.
In fundamental terms, chief information officers (CIOs) and chief information security officers (CI- SOs) do everything they can to keep their organizations secure, while IT operations managers and their staffs work diligently to keep the business productive and competitive.
Read the FULL STORY on FORBES