The Rising Role of Security in Advanced IT Analytics
June 16, 2016

Dennis Drogseth

Share this

In two prior blogs I provided some highlights from EMA's Advanced IT Analytics (AIA) research earlier this year, and explained how AIA goes beyond being just a market. (I haven't changed my opinion there, by the way. Right now I'm using the term "landscape of innovation" for AIA, which many in the industry still call "IT Operations Analytics.") In that second blog, I also explained that AIA isn't just about operations, but rather it's a unifying investment that may well span all of IT and even support a growing number of business stakeholders.

As a quick refresher, the research was done in Q1 of this year, and we spoke to 250 respondents — 150 in North America and 100 in Europe (England, France and Germany). We targeted companies over 500 employees with fairly good spread between those over 20,000 employees and smaller businesses. Our leading verticals were finance and banking, high tech software, manufacturing and retail in that order. We tried not to legislate what our respondents thought AIA was or should be, although we did require high-volume, cross-domain (network, systems, applications, etc.) data collection from many different sources, as well as the application of some level of advanced heuristics. The goal was to find out what actual IT priorities were, not to prematurely force them into a box.

In this blog I'd like to highlight one very critical area of AIA that came out in my research: the growing role of security as an integrated requirement for performance, change and capacity management. The truth is, our EMA research did not approach security as a separate use case, but did include security options in questions regarding data source, triage, and other parameters. In fact only 6% of those participating indicated that security was their job description. This contrasted with 21% in operations planning and design and 10% in IT performance engineering.

Here's a look at some of our respondents' priorities. (Remember that we didn't require security roles or use case to do this research, but instead were focusing on performance, change and capacity management.)

Security led the charge for triage and diagnostics: Security came in first followed by what I'd expected to win — isolating whether the problem was in the application, server, network or database. Isolating infrastructure issues in the network came in third followed by isolating problems in provisioning applications. Security's high ranking surprised me, but when I checked earlier research from 2014, I saw that security (or security information and event management or SIEM) was already tied for first place with triage across the application infrastructure.

Security Information and Event Management also led as a data source: Once again security came in first place, this time followed by Internet of Things (IoT). This was an even bigger surprise given past history, as in 2014 the lead data source was, believe it or not, Excel spreadsheets. In fact, the trend in 2016 indicates much more sophisticated attention to data sources, with business process impacts and application transaction data (for technical and business performance) also topping the charts.

Security tied for first place in domain role support: Security tied, in fact, with systems management followed by application development, database and cloud architecture.

Security led in three of the four top AIA use cases directed at supporting the move to cloud: To be specific, the number one priority for AIA-enabled support for the move to public/private or hybrid cloud was improved network security. This was followed by hybrid cloud optimization, compliance and integrated security and performance. Finally, real-time service performance (the ostensible focus for our research) came in fifth. What this tells me is that the move to cloud though desirable is also a little scary — nothing new there. But what is new, at least to me, is security's growing role as an integrated part of AIA initiatives supporting performance and change.

The ascendance of security in core operations and even ITSM concerns is of interest to me even though I'm not the security analyst at EMA (that's David Monahan). Years ago, well before Dave joined, I worked with our security lead to promote joint research and other initiatives across security, performance and change management. But the reaction ten years ago was a lot of nods and no action. The industry just wasn't ready.

Now, it seems, things are changing and they are changing dramatically. Security, operations and even IT service management are becoming much more closely intertwined than in the past. The reasons for this are manifold and include the move to cloud, the pressures from our "digital age" on more cross-domain ways of working, and the need for managing change in a far more dynamic, less conflicted, and "risk free" (or its pragmatic equivalent) way.

One of the critical catalysts for this is in fact AIA. By bringing many multiple data sources together and applying advanced analytic techniques, AIA is becoming a powerful enabler for truly integrating security and service delivery — two worlds that still have different metrics, processes and cultures, but which are finally seeking to work together in a way that was unprecedented in the past.

For more information, view a video on this data and research.

Dennis Drogseth is VP at Enterprise Management Associates (EMA).

Dennis Drogseth is VP at Enterprise Management Associates (EMA).
Share this

The Latest

May 22, 2017

APMdigest asked experts across the industry for their opinions on the next steps for ITOA. Part 5 offers some interesting final thoughts ...

May 19, 2017

APMdigest asked experts across the industry for their opinions on the next steps for ITOA. Part 4 covers automation and the dynamic IT environment ...

May 18, 2017

APMdigest asked experts across the industry for their opinions on the next steps for ITOA. Part 3 covers monitoring and user experience ...

May 17, 2017

APMdigest asked experts across the industry for their opinions on the next steps for ITOA. Part 2 covers visibility and data ...

May 16, 2017

Managing application performance today requires analytics. IT Operations Analytics (ITOA) is often used to augment or built into Application Performance Management solutions to process the massive amounts of metrics coming out of today's IT environment. But today ITOA stands at a crossroads as revolutionary technologies and capabilities are emerging to push it into new realms. So where is ITOA going next? With this question in mind, APMdigest asked experts across the industry — including analysts, consultants and vendors — for their opinions on the next steps for ITOA ...

May 15, 2017

Digital transformation initiatives are more successful when they have buy-in from across the business, according to a new report titled Digital Transformation Trailblazing: A Data-Driven Approach ...

May 11, 2017

The growing market for analytics in IT is one of the more exciting areas to watch in the technology industry. Exciting because of the variety and types of vendor innovation in this area. And exciting as well because our research indicates the adoption of advanced IT analytics supports data sharing and joint decision making in a way that's catalytic for both IT and digital transformation ...

May 10, 2017

Colin Fletcher, Research Director at Gartner, talks about Algorithmic IT Operations (AIOps) and the challenges and recommendations for AIOps adoption ...

May 09, 2017

In APMdigest's exclusive interview, Colin Fletcher, Research Director at Gartner, talks about Algorithmic IT Operations (AIOps) and how it will impact ITOA and APM ...

May 05, 2017

Microsoft is expected to essentially wind down Windows 7 support by 2020 so inevitably Windows 10 will be on the IT task list. It would be beneficial, now, to examine some of the issues relating to migrating to Windows 10 OS and how these pain points can be alleviated and addressed. Here are 7 practices that are key to facilitating migration ...