Tanium taps the ‘cranium strain’ in security & IT Ops
We know that the software application development (Dev) function has been struggling for some years to overcome its previous disconnects with the operations (Ops) function.
The coming together of Dev and Ops inside DevOps has worked hard to try and build new bridges between these sometimes opposing forces… but there are further disconnects inside of Ops itself.
Research from Tanium conducted by Forrester Consulting suggests that there are also ‘strained relationships’ in place between security (essentially a ‘close cousin’ to the Ops function by most people’s definition) and IT Ops overall.
This strain factor has the potential to leave businesses vulnerable to disruption, even where there has been spending on IT security and management tools.
The study itself quizzed 400+ ‘IT leaders’ at large enterprises.
A total of 67 percent of businesses say that driving collaboration between security and IT Ops teams is a major challenge, which not only hampers team relationships, but also leaves organisations open to vulnerabilities.
IT hygiene
Over forty percent of businesses with strained relationships consider maintaining basic IT hygiene more of a challenge than those with good partnerships (32 percent). The proposition here is that it takes teams with strained relationships nearly two weeks longer to patch IT vulnerabilities than teams with healthy relationships (37 business days versus 27.8 business days).
The study also suggested that increased investment in IT solutions has not translated to improved visibility of computing devices and has created false confidence among security and IT ops teams in the veracity of their endpoint management data.
In recent years, there has been a considerable investment in security and IT operations tools, as well as an increased focus at the board level on cybersecurity. According to the study, 81 percent of respondents feel very confident that their senior leadership/board has more focus on IT security, IT operations and compliance than two years ago.
Enterprises who reported budget increases said they have seen considerable additional investment in IT security (18.3 percent) and operations (10.9 percent) over the last two years, with teams procuring an average of five new tools over this same time period.
Despite the increased investment in IT security and operational tools, businesses have a false sense of security regarding how well they can protect their IT environment from threats and disruption. Eighty percent of respondents claimed that they can take action instantly on the results of their vulnerability scans and 89 percent stated that they could report a breach within 72 hours.
“According to our research, most teams are confident in their ability to take timely action on the results of their vulnerability scans. However, further investigation shows teams are admittedly suffering from visibility gaps of all hardware and software assets in their environment, which undermine these efforts to take action. With around 50 percent of IT leaders showing confidence in asset and vulnerability visibility, you’re essentially leaving your security to a coin flip,” said Chris Hallenbeck, chief information security officer for Americas at Tanium.
Why would endpoint visibility specialist Tanium conduct such a study?
Well, one obvious reason is so that the company can table a proposition here to tell us that a unified endpoint management and security solution – i.e. a common toolset for both security and IT Ops – can help address these challenges.
In the study, IT decision makers stated that a unified solution would allow enterprises to operate at scale (59 percent), decrease vulnerabilities (54 percent), and improve communication between security and operations teams (52 percent).
Endpoint point solutions
According to the Forrester study: “IT leaders today face pressure from all sides … To cope with this pressure, many have invested in a number of point solutions. However, these solutions often operate in silos, straining organisational alignment and inhibiting the visibility and control needed to protect the environment … Using a unified endpoint security solution that centralizes device data management enables companies to accelerate operations, enhance security, and drive collaboration between Security and IT Ops teams.”
IT decision makers also say that a unified endpoint solution would help them see faster response times (53 percent) and have more efficient security investigations (51 percent), while improving visibility through improved data integration (49 percent) and accurate real-time data (45 percent).