New research released by Tanium and conducted by Forrester Consulting has found strained relationships between security and IT ops teams leave businesses vulnerable to disruption, even with increased spending on IT security and management tools.
According to the study of more than 400 IT leaders at large enterprises, 67 percent of businesses say that driving collaboration between security and IT ops teams is a major challenge, which not only hampers team relationships, but also leaves organizations open to vulnerabilities.
Over forty percent of businesses with strained relationships consider maintaining basic IT hygiene more of a challenge than those with good partnerships (32 percent). In fact, it takes teams with strained relationships nearly two weeks longer to patch IT vulnerabilities than teams with healthy relationships (37 business days versus 27.8 business days).
The study also found that increased investment in IT solutions has not translated to improved visibility of computing devices and has created false confidence among security and IT ops teams in the veracity of their endpoint management data.
Increased investment without improved visibility
In recent years, there has been a considerable investment in security and IT operations tools, as well as an increased focus at the board level on cybersecurity. According to the study, 81 percent of respondents feel very confident that their senior leadership/board has more focus on IT security, IT operations and compliance than two years ago.
Enterprises who reported budget increases said they have seen considerable additional investment in IT security (18.3 percent) and operations (10.9 percent) over the last two years, with teams procuring an average of five new tools over this same time period.
Misplaced confidence leaves firms vulnerable
Despite the increased investment in IT security and operational tools, businesses have a false sense of security regarding how well they can protect their IT environment from threats and disruption. Eighty percent of respondents claimed that they can take action instantly on the results of their vulnerability scans and 89 percent stated that they could report a breach within 72 hours. However, only half (51 percent) believe they have full visibility into the vulnerabilities and risks and fewer than half (49 percent) believe they have visibility of all hardware and software assets in their environment.
The study also showed that 71 percent of respondents struggle to gain end-to-end visibility of endpoints and their health, which could lead to consequences such as poor IT hygiene, limited agility to secure the business, vulnerability to cyber threats and collaboration between teams.
Chris Hallenbeck, Americas Chief Information Security Officer at Tanium said:
“According to our research, most teams are confident in their ability to take timely action on the results of their vulnerability scans. However, further investigation shows teams are admittedly suffering from visibility gaps of all hardware and software assets in their environment, which undermine these efforts to take action. With around 50 percent of IT leaders showing confidence in asset and vulnerability visibility, you’re essentially leaving your security to a coin flip.”
Unified endpoint solutions allows firms to operate at scale
A unified endpoint management and security solution – a common toolset for both Security and IT Ops – can help address these challenges. In the study, IT decision makers stated that a unified solution would allow enterprises to operate at scale (59 percent), decrease vulnerabilities (54 percent), and improve communication between security and operations teams (52 percent).
IT decision makers also say that a unified endpoint solution would help them see faster response times (53 percent) and have more efficient security investigations (51 percent), while improving visibility through improved data integration (49 percent) and accurate real-time data (45 percent).
According to the Forrester study: “IT leaders today face pressure from all sides … To cope with this pressure, many have invested in a number of point solutions.
“However, these solutions often operate in silos, straining organizational alignment and inhibiting the visibility and control needed to protect the environment … Using a unified endpoint security solution that centralizes device data management enables companies to accelerate operations, enhance security, and drive collaboration between Security and IT Ops teams.”
The post #Privacy: Relationship breakdowns between security and IT ops leaves companies at risk appeared first on PrivSec Report.