IT and security are at it again.
Both teams are struggling to adapt to the recent move to hybrid technology environments. IT is struggling to bring their new endpoints under management, while security is struggling to lock down as many of these new systems as possible.
Neither team can agree on which is more important — maintaining performance even if it means leaving some security gaps open or locking everything down even if it means limiting operations — and this moment of change and conflict has reignited many long-standing questions about how these two functions should work together.
- Should IT and security remain separate functions, or should they become one?
- Should IT be absorbed into security? Should security be absorbed into IT?
- Should either of these exist as their own standalone functions, or should they both become an embedded part of the business functions that they serve?
This article offers a new answer to these questions — IT and security must now converge.
What it means to converge IT and security teams
When you converge IT and security, you allow them to remain as separate functions, but you bring them closer together. To do so, you break down certain siloes between the two functions, sync their priorities, and create conditions where they can coordinate and collaborate on shared activities. Overall, when you converge IT and security, you help them act like one team in the moments they intersect — primarily around managing and securing endpoints.
While there are multiple ways these functions can work closer together to keep endpoints secure and operational, there is one initial area where IT and security must converge ASAP — shared visibility.
First, converge IT and security around a single source of truth
Most IT and security teams have their own set of point tools. Each of these tools only offers a small piece of the solution required to manage and protect endpoints, and many of these tools are redundant between the two functions. These siloed tools often collect their own data and make it difficult — if not impossible — for either CIOs or CISOs to stitch together a comprehensive picture of the environment in real time.
Despite heavy investment in new tools by both IT and security, this visibility gap isn’t closing — it’s growing. A recent study found that in 94% of enterprises, up to 20% of all endpoints remain undiscovered and unprotected. This visibility gap — created by IT and security operating separately — causes big problems for both functions.
- IT must manage their endpoints without being able to answer basic questions like “How many endpoints do I have?” and “What applications are we running?”
- Security must protect their endpoints without knowing simple things like “Are my endpoints patched?” and “Do we have proper controls on every endpoint?”
- IT and security must agree on priorities without sharing the same picture of what vulnerabilities exist in the environment and what it takes to close them.
To solve these problems — and to bring IT and security closer together as a whole — the two functions must create and converge around a single, comprehensive, and real-time picture of their environment. And now is the right time to create this single source of truth and lay the foundation for broader convergence between IT and security. Here’s why.
Why organizations need IT-security convergence more than ever
The pandemic is only part of the problem. For the most part, IT and security must now converge due to multiple long-term trends that have reached a tipping point.
- Ransomware and other attacks are succeeding. Organizations spent over $160 billion on cybersecurity this year, yet ransomware attacks are still occurring every 11 seconds. Despite endpoint management and security getting more attention than ever, these problems are only getting worse.
- The attack surface is larger than ever. The pandemic and the creation of large-scale hybrid networks are only part of the problem.
- Most security challenges are operational in nature. Most of the ways to close the attack surface and defend against ransomware involve coordination between IT and security, including asset management, configuration management, patch management, and application security management.
- Endpoint technology has advanced. Organizations no longer need to deploy dozens of point tools to manage and secure their endpoints. They can now replace these tools with a converged endpoint management (XEM) platform that consolidates all necessary visibility and workflows.
These trends and challenges will only grow. Organizations must solve them while they are still manageable. And convergence between IT and security is the solution.
Learn more about Tanium’s approach to converged endpoint management.