Nearly half of executives say their organizations experience data breaches even after vulnerabilities and remediation have been identified. The result is that many enterprises face unnecessary risks to data loss and production downtime.

Those are among the findings of a new study by Forbes Insight, in association with BMC, entitled "A Game Plan for Closing the SecOps Gap: Coordinate Security and Operations Staffs to Improve Security, Uptime and Compliance."

The study looked at the data breach experiences of companies in North America and Europe, with 44 percent of executives surveyed indicating their organizations had suffered a breach despite defensive steps taken.

“While the joint efforts of security and IT operations ultimately determine an enterprise’s security strength, the individual goals of these two groups are often misaligned,” the study noted. “The result is what industry analysts are calling a ‘SecOps gap,’ where poor collaboration between these two groups results in unnecessary security vulnerabilities, business-system downtime, excessive labor costs and challenges meeting regulatory requirements.”

In preparing the report, researchers conducted a series of in-depth interviews with senior security and IT managers at large enterprises. The goal was to uncovered best practices for balancing security, IT system uptime and regulatory compliance. “Today’s enterprises need a modern game plan that uses technology, people and processes to close the SecOps gap,” the report noted.

Among the most significant findings were that culture, communication and collaboration are key elements in a successful data security program.

“This report illustrates the importance of culture and incentives to efficient data security,” said Bruce Rogers, Chief Insights Officer at Forbes Media. “Smooth collaboration is as necessary as an intelligent security platform.”

Other key findings include:

60% of respondents say operations and security teams have only a general or little understanding of each other’s requirements.

• 52% of enterprise leaders in North America and Europe equate regulatory compliance with tighter security.

• 50% of enterprises experience outages and poor performance in IT systems due to poorly applied security patches.

42% of executives report that poor coordination leads to excessive labor costs in security and IT operations departments.

“Today, it often takes companies months to remediate known vulnerabilities – exposing companies to potential breaches for six months or more as they work to resolve known threats,” said Bill Berutti, president of the cloud, data center and performance businesses at BMC. “The challenge is to discover, prioritize and fix these vulnerabilities quickly and this calls for improved coordination between security and the IT operations teams. Closing the SecOps gap is critical to protecting an organization's brand and will also ensure customer confidence in those businesses’ ability to protect their information.”

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access