Search form

Most Popular

Upcoming Webinars

SignalFx Live Demo
June 19, 2019

On-Demand Webinars

Breakthrough Innovations in SaaS and Cloud Performance
Closing the Feedback Loop for Engineers
Monitoring Kubernetes and Service Mesh Environments
Assuring Performance in Hybrid Cloud Ecosystems | QOS and User Experience in the Digital Age
Business Dashboards, Application Performance Analytics and Admin Functions
Server and Infrastructure Monitoring from a Single Console
Application Performance Monitoring with Code Level Diagnostics
Delivering the Right End User Experience with Your Application Performance
How to Deliver Exceptional End User Experience in Your Citrix Environment
How to Ensure High-Performing Microsoft .NET Applications
Four Best Practices for Delivering Exceptional User Experience in VMware Horizon VDI Environments

All Webinars...

Analyst Reports

Gartner Magic Quadrant for Application Performance Monitoring 2019
Gartner MQ for Network Performance Monitoring and Diagnostics 2019

All White Papers...

White Papers

Driving Performance in Modern Data Applications
How Do Releases Affect Software Quality?
Signal vs Noise: Identifying Which Fixes Are Important and Impactful
Best Practices to Ensure High-Performing Java Applications
The Definitive Guide to Serverless Monitoring and Observability
Monitoring Microservices on Kubernetes
Metrics: The Foundation For Cloud Monitoring In A Real-Time World
Operational Intelligence for the Entire Organization
Best Practices Guide for Creating Alert Detectors
The 4 Key Challenges of Cloud Monitoring
Converged Application & Infrastructure Performance Monitoring
Industry Insights: 2018 Citrix XenApp & XenDesktop Migration Survey Results
Overcoming Performance Monitoring Tool Sprawl with a Single-Pane-of-Glass Solution

All White Papers...

Bridging the SecOps Gap
Security and Operations Teams Must Band Together to Foil Hackers
January 25, 2016

Bill Berutti
BMC

Share this

The world saw an epic number of data breaches in 2015. Reports of large-scale hacking attacks stealing everything from government secrets to children's birthdays and toy profiles were splashed across the headlines. IT executives and their teams were left to ponder – would we be next? As leaders, we need to leverage the strengths of our security and operations teams to fight back.

BMC and Forbes Insights recently surveyed executives in North America and Europe to get their perspective on their organization's overall security health and to find out what issues are critical to address. The results revealed the need for a framework organizations can use to get a solid strategy in place for improved security and compliance.

The survey showed that 97% of executives expect an increase in breach attempts in the next 12 months and 44% of executives say breaches occur even when vulnerabilities and remediation techniques are already identified. These two statistics paint a sobering image – almost half of data breaches could have been prevented.

With the threat of attacks on the rise, what causes unimplemented remediation plans to sit on the shelf? Lack of visibility between groups, lack of automation and competing priorities between groups all contribute to the issue. These three factors combine to create the "SecOps Gap."

Inconsistent approaches, manual processes and no ability to identify a threat and track its status across the lifecycle are challenges commonly faced by most organizations, and they all contribute to the gap. To address this, companies must focus on three critical elements to ensure that their security and operations teams are aligned on objectives and share accountability for the security and compliance of the organization. The three elements are People, Process and Technology.

People

A strong people strategy is the heart of an effective change management initiative. Start with setting a consistent vision for the security and operations teams. They need to see that they are interdependent and have shared goals in regard to the overall security of the organization. They need to balance these goals together with the needs of the business to be agile and reliable.

Process

The processes need to be reviewed in light of the shared goals and objectives. Repetitive, manual workflows should be evaluated to see if they are candidates for automation. Handoffs between the organizations need to be tight and provide opportunities for feedback and learning.

Technology

Technology should be deployed to facilitate the coordination and collaboration between these organizations. It is vital to be deliberate and to make sure that the technology you choose is built to solve the complete problem and not just portions of it. Many organizations implement point solutions to address the problem which fall short of addressing the complete problem.

Solutions must also be able to scale to handle the demands and complexity of your enterprise. Of the survey respondents, 60% want tools for automating corrective actions and 59% want a centralized view into vulnerabilities and remediation actions.

With 60% of survey respondents stating IT operations and security teams have only a general understanding of each other's requirements, it's clear that the SecOps Gap needs to be quickly acknowledged and addressed.

Bill Berutti is President of the Cloud, Data Center and Performance Businesses at BMC.

Share this

Related Links

www.bmc.com
BMC Joins the Vendor Forum

Hot Topics

IT Culture

The Latest

Digital Business is Top-of-Mind
June 13, 2019

Establishing a digital business is top-of-mind, even more so than last year, as 91% of organizations have adopted or have plans to adopt a digital-first strategy, according to IDG Communications Digital Business Research ...

Digital Transformation Suffers from Poor Alignment Between IT and Execs
June 12, 2019

If digital transformation is to succeed at the pace enterprises demand, IT teams, the CIOs who lead them, and the boardroom must forge a far greater alignment than presently exists. That is the over-arching sentiment expressed by IT professionals in a recent survey on the state of IT infrastructure and roadblocks to digital success ...

Spot the Symptoms of Poor App Performance - Part 2
June 11, 2019

Given the incredible amount of traffic traversing corporate WANs, it's not surprising that businesses are seeing performance issues. If anything, it's amazing applications work as well as they do ...

Spot the Symptoms of Poor App Performance - Part 1
June 10, 2019

Are your business applications sluggish? Choppy? Prone to getting hung up or crashing at the most inopportune times? If these symptoms sound familiar, you might be suffering from the heartache of … poor application performance. Stop me if any of this sounds familiar ...

AIOps Exchange: The AIOps Manifesto
June 06, 2019
AIOps Exchange, a not-for-profit private forum defining the future of AIOps, published <span style="font-style: italic;">The AIOps Manifesto</span> discussing the role of AI in supporting digital transformation ...
4 Strategies for Ensuring Application Performance Across Hybrid Networks
June 05, 2019

As network transformation initiatives like SD-WAN, edge computing and public/private clouds are adopted at increasing rates, hybrid networks are quickly becoming the new normal for IT and NetOps professionals.Without visibility into these hybrid network environments, NetOps are unable to troubleshoot the business-critical applications every organization relies on today. Here are four ways IT and NetOps teams can gain better visibility into complex, hybrid networks ...

Establishing an Internet Performance Benchmark
June 04, 2019

A minimum Internet Performance Bar exists that, if met, should deliver top-tier website performance, regardless of industry, according to the 2019 Digital Experience Performance Benchmark Report, from ThousandEyes, a comparative analysis of web, infrastructure and network performance metrics from the top 20 US digital retail, travel and media websites ...

It's Time to Change the "Channel" to AIOps
June 03, 2019

Since digital transformation is happening at such a rapid pace based on new, highly complex technologies like multi-cloud, containers and microservice architectures, customers are experiencing more challenges than ever in managing this complexity. However, with every challenge comes an opportunity. So, how can channel partners leverage these market disruptions to open the door to opportunity? The answer is simple ...

APM Drives Business
May 30, 2019

Executives from proactive organizations reported using performance management strategies to deliver innovation and meet broader business goals, and implementing application performance management (APM) tools with advanced monitoring features such as real-time user experience monitoring, and providing a composite view of log and performance data, according to Driving Business Performance Through Application Performance Management, a new report from GigaOm ...

5 Tips To Move From Service to Self-Service
May 29, 2019

Through our recent study, we wanted to better understand how service desk users are interacting with the service teams; how they connect for service; the manner in which most service desks receive user requests; and if organizations employ a knowledge base and how that information might be stored. Here’s what we’ve discovered ...