Search
Close this search box.

Aligning Security and Operations teams is the key to a successful security culture

aligning security and operations

Security is one of the fastest growing verticals in the world.

In 1999, the UK was home to 7 distinct security vendors. Now, in 2018, there are close to 2,000. This means not only are there more issues to solve, but there are also more businesses to service, more devices that need high-levels of security, and greater risks occurring every second.
Creating a strong security culture within your business is vital.
In most businesses, two teams keep the business secure. These are the Operations Team and the Security Team. Security isn’t the Operations team priority. Instead, the Operations team manages day-to-day issues. They are the ones “keeping the lights on”. They send out whatever patches devices across the network need.
On the other hand, your Security Team’s number 1 priority is keeping the organization secure. They take in intelligence, learn about trends, and then feed what they learn to the Operations Team. Within the Security team’s realm of responsibilities is also threat-hunting and remediation. But the list doesn’t stop there. Several other key areas of functionality which they are accountable for as well include ethical hacking and penetration testing,

The command center of any Security team is the hub in which information goes out to the business.

On top of that, it’s where the organization can find information about ongoing training or specific security-related processes. When the Security is organized, end users maintain a calm, business-as-usual atmosphere. If there is a vulnerability, the way they relay the information to the Operations Team has to be careful and clear so that it’s remediated swiftly.

Digital risk is perpetuated throughout the organization when the two teams don’t agree on how to mitigate security issues.

“Making sure we have a good connection between Security and Operations, that we share information and tooling wherever possible, means we can respond much quicker to threats,” explains Rob Peterscheck, CIO at a leading multinational pharmaceutical company.
Listen as Peterscheck details the importance of this close relationship:


Some organizations opt into the Global Threat Intelligent Framework because there are just too many attacks to contend with on a daily basis. Of course, a few of these attacks are significantly less harmful than others, but how can you determine their validity if there are new malware outbreaks every 39 seconds?

User error is the most common catalyst for hackers to violate a security landscape.

A suspicious link or even malware attached within a PDF could be an organization’s downfall.  If Security reminds the users to check or ask before they open or click, this simple practice could save you millions.
Ultimately, there’s a cognitive reframing which needs to happen here. Operations teams must embrace their sizable security responsibilities, and not expect the Security Team to completely own that area. Forward-thinking organizations, with forward-thinking CIOs, must embrace that cybersecurity is a key aspect of the overall success of the business.

Report

The FORRESTER WAVE™: End-User Experience Management, Q3 2022

The FORRESTER WAVE™: End-User Experience Management, Q3 2022