A new report highlights a gap that puts businesses and security postures at risk
A report by Cohesity reveals that while most IT and security operations (SecOps) decision-makers believe they should jointly share the responsibility for their organisation’s data security strategy, many of these teams are not collaborating as effectively as possible to address growing cyber threats.
The survey also shows that of those respondents who believe collaboration is weak between IT and security, nearly half of respondents believe their organisation is more exposed to cyber threats as a result — and the implications of that could have significant consequences for businesses.
The research is based on an April 2022 survey conducted by Censuswide, of more than 2,000 IT decision-makers and SecOps professionals — all of whom have a role in the decision-making process for IT or security.
The survey was conducted as nearly three-quarters (74%) of respondents believe the ransomware threat in their industry has increased over the last year, with almost half of respondents (47 per cent) saying their organisation has been the victim of a ransomware attack in the last six months. The survey uncovered the following results globally:
- Security should be a shared responsibility: More than four in five (81 per cent) of respondents overall (86 per cent of IT decision-makers and 76 per cent of SecOps) somewhat or strongly agree that IT and SecOps should share the responsibility for their organisation’s data security strategy.
- But, effective collaboration between IT and security teams is frequently not happening: Almost a third of SecOps respondents (31 per cent) believe the collaboration is not strong with IT, with 9 per cent of those respondents going so far as to call it “weak.” Among IT decision-makers, more than a tenth of respondents (13 per cent) believe collaboration with SecOps is not strong. In total, nearly a quarter (22 per cent) of IT and SecOps respondents believe the collaboration between the two groups is not strong.
- In many cases, even though the threat of cyberattacks has increased, the level of collaboration between IT and SecOps has remained stagnant or has declined: Around 40 per cent of respondents said collaboration between the two groups had remained the same even in light of increased cyberattacks. And, 12 per cent of all respondents said the collaboration has decreased. While only 5 per cent of IT decision-makers said the collaboration has decreased, nearly one in five (18 per cent) of SecOps respondents believe that is the case, highlighting the disparity between the two functions.
- The ongoing tech talent shortage is making matters worse: When asked if the talent shortage impacts the collaboration between IT and security teams, 78 per cent of respondents (77 per cent of IT decision-makers and 78 per cent of SecOps) said yes, it is having an impact.
- As a result of this lack of collaboration between IT and SecOps, many respondents believe their organisation is more exposed: Among the IT and SecOps respondents who believe the collaboration is weak between the two groups, 42 per cent believe their organisation is either more exposed (28 per cent), or much more exposed (14 per cent) to cyber threats.
- The consequences of that exposure could be devastating for businesses and careers: When asked what would be their worst fear about a lack of collaboration between security and IT if an attack takes place, 42 per cent of all respondents are concerned about a loss of data, 42 per cent fear business disruption, 40 per cent are worried customers will take their business elsewhere, 35 per cent fear finger-pointing will take place, and their team will be blamed should any mistakes occur, 32 per cent are worried about paying ransomware, and 30 per cent fear people from both teams (IT and SecOps) will be fired.
“This research pinpoints there is often a lack of collaboration between IT and security teams that we’re seeing across many organisations today,” said Brian Spanswick, chief information security officer, Cohesity. “For too long, many security teams focused primarily on preventing cyber attacks, while IT teams have focused on data protection, including backup and recovery. A complete data security strategy must bring these two worlds together — but in many cases, they remain separate, and this lack of collaboration creates significant business risks. It can put companies at the mercy of bad actors.”
To further drive this point home, when respondents were asked how their company prioritised data backup and protection as part of their organisation’s security posture or response to a cyber attack, 54 per cent of IT decision-makers said it was a top priority and a crucial capability. In comparison, only 38 per cent of SecOps respondents said the same.
“If SecOps teams are not thinking about backup and recovery and lack next-gen data management capabilities as part of an overall security strategy, that’s a problem,” said Spanswick. “IT and SecOps teams need to collaborate before an attack occurs — looking holistically across the NIST Cyber Security Framework, including five core capabilities: identity, protect, detect, respond, and recover. If they wait to collaborate until their data is hijacked, that’s too late, and the results could be catastrophic for businesses.”
Eighty-three percent of all respondents (84 per cent of IT decision-makers and 81 per cent of SecOps respondents) somewhat or strongly agree that if security and IT collaborated more closely, their organisation would be better prepared to recover from cyber threats, including ransomware attacks. And when respondents were asked what would give their organisation greater confidence that they could recover business systems quickly in the event of a ransomware attack, 44 per cent of all respondents (49 per cent of IT decision-makers and 39 per cent of SecOps respondents) said greater communication and collaboration between IT and security is key.