A Deeper Look At Closing The 'SecOps Gap'

This article is more than 8 years old.

We recently took a look at the consequences that arise from friction and lack of coordination between security and IT operations staffs (the SecOps gap): everything from avoidable security risks to data loss, from production downtime to excessive labor costs. These problems came to the forefront in an exclusive new survey by Forbes Insights and BMC of senior security and IT managers at large enterprises in North America and Europe. (Read the full report, “The Game Plan for Closing the SecOps Gap.”)

These problems arise because the individual goals of these two groups are often misaligned, thanks to conflicting responsibilities and different metrics for evaluating and rewarding successful performance.

How to close the SecOps gap? The report makes several recommendations:

  1. Revise internal reporting structures, rewrite job descriptions and create new compensation packages—all designed to better align security and IT operations.
  2. Cultivate a culture of security awareness that encourages people throughout the company to consider security implications before engaging in a new activity.
  3. Create cross-functional working groups to share security and operations concerns and foster greater understanding of each other’s roles.
  4. Mandate that the compliance staff regularly meet with counterparts in other departments to build loyalty and trust.
  5. Replace error-prone manual processes with intelligent compliance and security platforms that automate the testing and rollout of security patches and provide centralized information management tools.
  6. Develop collaborative workflow processes that smooth the interactions of security, IT operations and compliance personnel.
  7. Quantify returns on investments for security, uptime and compliance using custom metrics that account for the unique characteristics of each asset.

Item no. 7 will help secure the support of senior management, something that’s crucial in order to institute a successful strategy for closing the SecOps gap. And the level of executive understanding and commitment required isn’t a sure thing. It’s a good idea to make security and compliance regular agenda items at board meetings, even when there aren’t any new topics to consider, just to keep these issues on the radar.