Lack of collaboration between teams leaves gaps for cybercriminals to exploit
While most IT and security operations (SecOps) decision-makers believe they should jointly share the responsibility for their organization's data security strategy, many of these teams are not collaborating as effectively as possible to address growing cyber threats.
This is one of the findings of a new report from data management firm Cohesity which also shows that of those respondents who believe collaboration is weak between IT and security, nearly half think their organization is more exposed to cyber threats as a result.
Based on a survey of over 2,000 IT decision-makers and SecOps professionals in the US, UK and Australia, the report shows 43 percent of respondents say collaboration between the two groups has remained the same in light of increased cyberattacks. But eight percent of all respondents say collaboration has actually decreased, with IT decision-makers more likely to hold this view.
In addition 75 percent of respondents (69 percent of IT decision-makers and 82 percent of SecOps) believe that the skills shortage is having an impact.
"This research pinpoints there is often a lack of collaboration between IT and security teams that we're seeing across many organizations today. This communication gap must be closed if organizations want to win the battle against cyber threats and ransomware," says Brian Spanswick, chief information and security officer at Cohesity. "For too long, many security teams focused primarily on preventing cyberattacks, while IT teams have focused on data protection, including backup and recovery. A complete data security strategy must bring these two worlds together, but in many cases they remain separate and this lack of collaboration gives cyber criminals the room they need to often deliver successful attacks and put companies at the mercy of bad actors."
There's further disparity when it comes to backups. While 51 percent of IT decision-makers say it's a top priority and a critical capability, only 36 percent of SecOps respondents say the same.
Asked what would give their organization greater confidence that they could recover business systems quickly in the event of a ransomware attack, 44 percent of all respondents (45 percent of IT decision-makers and 43 percent of SecOps respondents) say greater communication and collaboration between IT and security is key. 83 percent of all respondents agree that if security and IT collaborated more closely, their organization would be better prepared to recover from cyber threats.