📚 Why Now is the Time to Converge IT and Security Functions

IT and security are at it again. Both teams are facing difficulties adapting to the recent move to hybrid technology environments. IT is struggling to bring new endpoints under management, while security is struggling to lock down as many of these new systems as possible. Neither team can agree on which is more important, maintaining performance even if it means leaving some security gaps open or locking everything down even if it means limiting operations. 

This moment of change and conflict has reignited many long-standing questions about how these two functions should work together. Should IT and security remain separate functions, or should they become one? Should IT be absorbed into security, or should it be the other way around? Should either of them exist as their own standalone functions, or should they both become an embedded part of the business functions they serve?

What it means to converge IT and security teams

Convergence is not the same as fully merging the teams with one other. There are a few reasons why they must maintain some independence from each other and remain separate functions: 

• While IT and security share some activities and outcomes, they will always have their own distinct goals that still need to get done.
  
• Organizations will always need teams and leaders who offer specialized perspectives and skills and solely focus on how a narrow domain operates.
  
• Neither function is “correct” all of the time; there are times IT should be the priority and times security should be, and both functions need advocates.

For these reasons and more, merging IT and security is not an option. At the same time, maintaining the status quo is no longer an option. Thankfully, converging IT and security offers a best-of-both-worlds solution. 

When you converge IT and security, you allow them to remain as separate functions, but you bring them closer together. To do so, you break down certain siloes between the two functions, sync their priorities, and create conditions where they can coordinate and collaborate on shared activities. Overall, when you converge IT and security, you help them act like one team in the moments they intersect, primarily around managing and securing endpoints. 

While there are multiple ways these functions can work closer together to keep endpoints secure and operational, there is one initial area where IT and security must converge ASAP. That is shared visibility. 

First, converge IT and security around a single source of truth

IT and security are suffering from a visibility gap largely created by the two functions operating entirely separate from each other. 

Most IT and security teams have their own set of point tools. Each of these only offers a small piece of the solution required to manage and protect endpoints, and many are redundant between the two functions. These siloed tools often collect their own data and make it difficult—if not impossible—for either CIOs or CISOs to stitch together a comprehensive picture of the environment in real time. 

Despite heavy investment in new tools by both IT and security, this visibility gap isn’t closing; it’s growing. A recent study found that in 94% of enterprises, up to 20% of all endpoints remain undiscovered and unprotected. This visibility gap created by IT and security operating separately causes big problems for both functions.

• IT must manage their endpoints without being able to answer basic questions like “How many endpoints do I have” and “What applications are we running?”
  
• Security must protect their endpoints without knowing the answers to fundamentals on whether endpoints or patched or if there are proper controls on every endpoint 
  
• IT and security must agree on priorities without sharing the same picture of what vulnerabilities exist in the environment and what it takes to close them. 

To solve these problems and to bring IT and security closer together as a whole the two functions must create and converge around a single, comprehensive, and real-time picture of their environment. Now is the right time to create this single source of truth and lay the foundation for broader convergence between IT and security. Here’s why. 

Why organizations need IT-security convergence more than ever

The pandemic is only part of the problem. For the most part, IT and security must now converge due to multiple long-term trends that have reached a tipping point. 

• Ransomware and other attacks are succeeding. Organizations spent over US$160 billion on cybersecurity this year, yet ransomware attacks are still occurring every 11 seconds. Despite endpoint management and security getting more attention than ever, these problems are only getting worse. 
• The attack surface is larger than ever. The pandemic and the creation of large-scale hybrid networks are only part of the problem. The global network of Internet-of-Things (IoT) devices is expected to grow to 43 billion devices by 2023, and all digital devices are becoming more integrated than ever. 
  
• Most security challenges are operational in nature. The most ways to close the attack surface and defend against ransomware involve coordination between IT and security, including asset management, configuration management, patch management, and application security management. 
  
• Endpoint technology has advanced. Organizations no longer need to deploy dozens of point tools to manage and secure their endpoints. They can now replace these tools with a converged endpoint management (XEM) platform that consolidates all necessary visibility and workflows.   

These trends and challenges will only grow. Organizations must solve them while they are still manageable. And convergence between IT and security is the solution.  

Learn how to converge IT and security with Tanium here

Security Practices