Collaboration between teams helps boost security confidence
Organizations using software to help their IT and information security teams collaborate and align are three times more confident in the effectiveness of their information security efforts according to a new study.
The report from security automation specialist SaltStack shows that 54 percent of InfoSec leaders say they communicate effectively with IT professionals, but only 45 percent of IT professionals agree.
In companies where software is being used to help IT and InfoSec teams collaborate, managers are four times more likely to say their IT and InfoSec teams communicate effectively on important tasks. Moreover, these same organizations are eight times more likely to say their IT and InfoSec teams work together, not just communicate, effectively to secure infrastructure.
The report also identifies a couple of areas where the two sides align. 70 percent of both InfoSec and IT managers say their company sacrifices data security for faster innovation, and both InfoSec and IT managers report that data protection should be prioritized over innovation, speed to market and cost.
"Even though both IT and InfoSec teams agree security is more important than innovation, DevOps teams are outpacing SecOps teams and we now see rapid innovation with lagging security. This is particularly concerning because it increases the likelihood that infrastructure misconfiguration and known vulnerabilities are more exposed to bad actors," says Alex Peay, SaltStack's SVP of product. "Ultimately, an exploited vulnerability will lead to customer and revenue loss, regulatory violations, and diminished brand trust, which were the most-concerning consequences of a breach to our survey respondents. A security exploit combined with pandemic-induced economic headwinds might be the double black swan scenario that kills a company."
InfoSec managers point to a skills and talent shortage, followed by misconfigured infrastructure and unaddressed vulnerabilities, as the top contributors to risk. IT managers say the highest risk comes from unintentional employee leaks and endpoint attacks.
Marc Chenn, CEO of SaltStack adds, "The survey data in The State of XOps Report, Q2 2020 affirms what we’re hearing from our customers every day. We’re at a tipping point for InfoSec driven by the sheer scale of digital infrastructure adoption by businesses of all stripes. We’re in an all-hands-on-deck situation and it is more important than ever for business to get the most out of their essential security and IT operations teams as they collaborate to fix what’s broken. The alternative is not acceptable. SaltStack SecOps products act as a unifying force for IT and InfoSec teams while ensuring effective, automatic remediation and compliance."
The full State of XOps Report is available on the SaltStack site.
Photo Credit: Rawpixel.com/Shutterstock