The big task for CIOs in 2020: Bringing security and IT operations together

Bridging the gap between these siloed teams pays off in improved visibility and better security.

bridging the gap with support from others
Thinkstock

The first step in bridging the gap starts with understanding the problem.  IT and security operations have worked in silos for decades so one might think “If it ain’t broke, don’t fix it.”  But it is, in fact, broken, and there is little awareness of the impact caused by the fragmentation.

According to a recent study conducted by Forrester on behalf of endpoint security company Tanium, 67% of IT leaders surveyed admitted that driving collaboration between the two groups is a challenge and that the rift widens an already big gap in visibility and makes resolving issues harder.

In organizations that lack collaboration between security and IT, it takes nearly two weeks longer to patch IT vulnerabilities than teams with a healthy relationship, the study found.  This delay can put companies at significant risk of being breached, causing brand damage or even crippling an organization.

Companies don't know what they don't know

Fifty-one percent of IT leaders surveyed by Forrester say they feel they have full visibility into the vulnerabilities and risks in their environment, and 49% say they have full visibility into all the software and hardware assets connected to their IT environment.  From conversations I have had with some senior IT people, I would peg the number at less than 20% that have full visibility into vulnerabilities.

Every company I have ever talked to that thinks they know what’s connected has no idea.  My estimate is that less than 10% of companies actually know everything that is connected to their IT environment.  Unless you’re an organization with a completely locked down IT environment, it’s simply too hard to know.  In the words of Spock, “Insufficient facts always invite danger.”

To continue reading this article register now

7 secrets of successful remote IT teams