SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Security and operations collaboration key to success post COVID-19
Wed, 14th Oct 2020
FYI, this story is more than a year old

Multiclouds, workloads, and application environments are interrupting the way that security and operations teams need to interact.

New levels of complexity are driven by an overall lack of integration between the two, as well as poor communication, non-standardised systems, accelerated software development lifecycles, and non-collaborative teams and processes.

These findings are according to the new report Accelerating Transformation with Security and Operations Collaboration Best Practices, an IDC InfoBrief sponsored by SolarWinds.

In addition to the above, the report found that the COVID-19 pandemic has put siloed infrastructures under a microscope and increased the need for integration between operations and security teams, including mutual visibility of systems.

In addition, organisations with teams that communicate regularly rise to meet the challenges of multicloud, multidevice, multinetwork, etc.

Furthermore, standardisation and team collaboration are two strategies that can reduce and contain costs and complexity across IT and security teams.

The report found that IT and security share discreet concerns, such as risk and workflow that can help align teams, and an organisation has to be finely attuned to ‘risk' and manage risk at the right levels.

When it comes to compliance, companies want to have the ability to ‘show' compliant practices as much as they want to maintain actual compliance.

As for digital transformation, network architecture is becoming more and more cloud-based, and endpoint protection platforms have become increasingly important.

IDC interview excerpts support these points. For example, a corporate operational vice president for a aerospace company explained, “Some of our security and operational processes are fragmented; COVID-19 is accelerating their integration and automation.

A digital leader at a large insurance company stated, “Our multicloud success requires IT and security teamwork, or we will fail.

Finally, a certified information security manager for a US financial institution said, “The first thing I look for in a job applicant is: do they understand risk?

SolarWinds vice president of security Tim Brown says, “We are in an ultra-hybrid world with multi-everything, and in order to successfully navigate this landscape, ITOps, DevOps, and SecOps teams need to more closely align.

“As this study showed us, the challenges these teams face are across all verticals. We're all trying to do more and push our IT infrastructure to its limits, and cybersecurity can't be an afterthought.

"When we work together, things move more quickly and more efficiently. And we need to simply understand that we share a lot of the same priorities and we're not as different as we really think.

The IDC/SolarWinds report is based on in-depth conversations with IT/development and security professionals across numerous sectors, paired with relevant IDC quantitative data.

Interviews were conducted with IT/development and security operations team members from the hospitality, finance, manufacturing, and government sectors. Data cited from several other IDC surveys was completed independently of SolarWinds.