According to the report from 1E, a management and security company, businesses are ‘woefully unprepared’ for cyber breaches due to lack of IT security and operations basics and that despite 60 percent of businesses saying that they had experienced a serious security breach in the last two years.
A lot of the problems being caused are because of the digital transformation businesses are going through.
As a result, 80 per cent of respondents said that it was increasing the cyber risk to their businesses.
Interestingly, it was also found that the Dark Web was making it far easier for attackers to monetise stolen data.
Discussions around cybersecurity are covered regularly in the press – which isn’t surprising when you consider that the global spend on security is predicted to exceed $1 trillion through to 2021.
However, 1E’s research raises some important issues and suggests that while organisations may be spending vast sums of money on new and expensive tools, the real problem appears to be down to a lack of a cohesive relationship between IT security and IT operations.
The report found that fewer than a quarter of companies believe that their IT operations and IT security teams were working effectively together to secure the business, while 97 percent said their organisation would benefit from better collaboration between these teams
Sumir Karayi, CEO at 1E warned that, “Businesses are losing control of their estates because of fundamental issues such as the widening gap between IT operations and IT security and deferred responsibility.”
There is also a lack of understanding of where the security focus should be.
Karayi observes that, “CIOs have the challenge of explaining the pivotal need for areas like patching, which can feel mundane. But without this hygiene, companies must constantly defend against new vulnerabilities or risk a major breach, which will lead to a software arms race.”
The answer appears quite mundane. IT operations and IT security teams must realise they while they have different objectives, they need to work together, agree their aims and create a shared toolset.
And when something goes wrong, don’t play the blame game!