Search form

Upcoming Webinars

Catchpoint Fall 2024 Product Launch Event
October 17, 2024
Planet of the APIs: A Master Class on Monitoring Transactions in the Wild
November 13, 2024

On-Demand Webinars

Turn Your High-Volume CDN Log Analytics into Actionable Insights
Transforming IT into the Enterprise Innovation Engine
The Future of IT Operations - AIOps, Observability and Beyond
Solving the SLO Riddle: Why SLOs Aren't Enough
Taking Web Performance to the Next Level
Equinox levels up its observability fitness with Elastic
Measuring Real-World Performance of DNS Solutions
Introducing Internet Stack Map
What's New at Catchpoint! Spring 2024 Product Launch Event
Master Class: Optimizing CX through 4 Pillars of Internet Resilience
Avoid Observability Failure: Hybrid Enterprises Must Complement APM with Internet Performance Monitoring
Observability Trends: Key Considerations for Modern Observability
Navigating Today's I&O Landscape: Leveraging Cloud, Hyper-Convergence and Observability
Master Class: Monitoring from Your Users' Perspective
2024 Tech Trends: 10 Predictions for Tomorrow's IT Evolution
The SRE Report 2024: What the Charts Don't Tell You
2024 Security Trends: How Generative AI Is Changing the Threat Landscape
Getting the Most Out of Elastic Observability & New Features
Tales from the trenches: Security leaders share insights on protecting higher education
The Impact of AIOps and GAI on Modern Observability
Countering Internet Complexity with AI-Powered Internet Performance Monitoring
Maximizing Customer Lifetime Value: Transforming Ecommerce with AI-Powered Search
AI Meets Search: Powering a New Generation of Insights
Behind the Scenes: Rocket Lawyer's Secret Sauce for Uninterrupted Digital Legal Services
3 Tips to Supercharge Your Application Tracing
What's New at Catchpoint! Fall 2023 Product Launch Event
Demo of Internet Sonar: From Disruption to Instant Detection
Harnessing the Power of Generative AI in Retail
Expert Insights: Navigating Outages Like a Pro
What's New in Application Monitoring: Maximizing Operational Efficiency with Enhanced Performance Insights

All Webinars...

Analyst Reports

Gartner® Magic Quadrant™ for Observability Platforms 2024
Modern Enterprises Must Boost Observability with Internet Performance Monitoring
Forrester Opportunity Snapshot: Increase Revenue with Internet Performance Monitoring

All Analyst Reports...

White Papers

Modernizing the AdTech Stack
10 best practices for mastering Azure monitoring
Key factors to consider when evaluating application monitoring tools
Cloud monitoring: A complex yet essential aspect of effective cloud management
Level up with distributed tracing: Enhancing application performance with Applications Manager
Top challenges of digitization and how network traffic analysis can help
What is APM: Understanding the Basics of Application Performance Management
What is end-user experience monitoring?
How IT leaders can drive more with less
Internet Resilience Report 2024
Bandwidth throttling - A strategic approach to network bandwidth monitoring and optimization with NetFlow Analyzer
Address multi-client network traffic monitoring challenges with OpManager MSP’s new NetFlow Analyzer integration
Full-stack observability: Implementation, benefits, and ROI
Network traffic analysis for today's IT
The SRE Report 2024
The 2024 Observability Landscape — a survey of observability decision-makers
2024 State of IT Operations Report: Journey to Agility
OpUtils IP scanner for visibility: See everything, manage effortlessly
Digital experience monitoring in Applications Manager
How to monitor Apache web server performance metrics
How IT leaders can drive more with less
Firewall Segmentation
Startup vs. running configuration conflict: Its impact, and how to avoid it
A comprehensive guide to enhance performance and reliability in your storage systems
An IT leader's enterprise guide to drive more with less
Website monitoring in Applications Manager
Synthetic monitoring 101: A comprehensive guide to synthetic monitoring
Beyond deployment: The ongoing challenges in application performance monitoring implementation
How Is IPAM Simplifying Modern Networking?
The Elastic Generative AI Report

All White Papers...

Bridging the SecOps Gap
Security and Operations Teams Must Band Together to Foil Hackers
January 25, 2016

Bill Berutti
BMC

Share this

The world saw an epic number of data breaches in 2015. Reports of large-scale hacking attacks stealing everything from government secrets to children's birthdays and toy profiles were splashed across the headlines. IT executives and their teams were left to ponder – would we be next? As leaders, we need to leverage the strengths of our security and operations teams to fight back.

BMC and Forbes Insights recently surveyed executives in North America and Europe to get their perspective on their organization's overall security health and to find out what issues are critical to address. The results revealed the need for a framework organizations can use to get a solid strategy in place for improved security and compliance.

The survey showed that 97% of executives expect an increase in breach attempts in the next 12 months and 44% of executives say breaches occur even when vulnerabilities and remediation techniques are already identified. These two statistics paint a sobering image – almost half of data breaches could have been prevented.

With the threat of attacks on the rise, what causes unimplemented remediation plans to sit on the shelf? Lack of visibility between groups, lack of automation and competing priorities between groups all contribute to the issue. These three factors combine to create the "SecOps Gap."

Inconsistent approaches, manual processes and no ability to identify a threat and track its status across the lifecycle are challenges commonly faced by most organizations, and they all contribute to the gap. To address this, companies must focus on three critical elements to ensure that their security and operations teams are aligned on objectives and share accountability for the security and compliance of the organization. The three elements are People, Process and Technology.

People

A strong people strategy is the heart of an effective change management initiative. Start with setting a consistent vision for the security and operations teams. They need to see that they are interdependent and have shared goals in regard to the overall security of the organization. They need to balance these goals together with the needs of the business to be agile and reliable.

Process

The processes need to be reviewed in light of the shared goals and objectives. Repetitive, manual workflows should be evaluated to see if they are candidates for automation. Handoffs between the organizations need to be tight and provide opportunities for feedback and learning.

Technology

Technology should be deployed to facilitate the coordination and collaboration between these organizations. It is vital to be deliberate and to make sure that the technology you choose is built to solve the complete problem and not just portions of it. Many organizations implement point solutions to address the problem which fall short of addressing the complete problem.

Solutions must also be able to scale to handle the demands and complexity of your enterprise. Of the survey respondents, 60% want tools for automating corrective actions and 59% want a centralized view into vulnerabilities and remediation actions.

With 60% of survey respondents stating IT operations and security teams have only a general understanding of each other's requirements, it's clear that the SecOps Gap needs to be quickly acknowledged and addressed.

Bill Berutti is President of the Cloud, Data Center and Performance Businesses at BMC.

Share this

Related Links

www.bmc.com
BMC Joins the Vendor Forum

Hot Topics

Cybersecurity
IT Culture

The Latest

Key Aspects to Consider in Azure Monitoring
October 17, 2024

Monitoring your cloud infrastructure on Microsoft Azure is crucial for maintaining its optimal functioning ... In this blog, we will discuss the key aspects you need to consider when selecting the right Azure monitoring software for your business ...

The 3 Questions Every Product Leader Should Ask When Evaluating a New AI Tool
October 16, 2024

All eyes are on the value AI can provide to enterprises. Whether it's simplifying the lives of developers, more accurately forecasting business decisions, or empowering teams to do more with less, AI has already become deeply integrated into businesses. However, it's still early to evaluate its impact using traditional methods. Here's how engineering and IT leaders can make educated decisions despite the ambiguity ...

Enterprises Moving Fast to Adopt AI to Accelerate Mainframe Modernization
October 15, 2024

2024 is the year of AI adoption on the mainframe, according to the State of Mainframe Modernization Survey from Kyndryl ...

Only 13% of Security Professionals Say User Experience Is Mission-Critical
October 10, 2024

When employees encounter tech friction or feel frustrated with the tools they are asked to use, they will find a workaround. In fact, one in two office workers admit to using personal devices to log into work networks, with 32% of them revealing their employers are unaware of this practice, according to Securing the Digital Employee Experience ...

The State of Feature Management 2024 Puts Release Monitoring Center Stage
October 10, 2024

In today's high-stakes race to deliver innovative products without disruptions, the importance of feature management and experimentation has never been more clear. But what strategies are driving success, and which tools are truly moving the needle? ...

Crucial Metrics and Methods: A Deep Dive into Performance Testing
October 09, 2024
A well-performing application is no longer a luxury; it has become a necessity for many business organizations worldwide. End users expect applications to be fast, reliable, and responsive — anything less can cause user frustration, app abandonment, and ultimately lost revenue. This is where application performance testing comes in ....
The Rise of AI Will Actually Add to the Data Scientist's Plate
October 08, 2024

The demand for real-time AI capabilities is pushing data scientists to develop and manage infrastructure that can handle massive volumes of data in motion. This includes streaming data pipelines, edge computing, scalable cloud architecture, and data quality and governance. These new responsibilities require data scientists to expand their skill sets significantly ...

Time is Ticking! What You Need for Your Migration to Windows 11
October 07, 2024

As the digital landscape constantly evolves, it's critical for businesses to stay ahead, especially when it comes to operating systems updates. A recent ControlUp study revealed that 82% of enterprise Windows endpoint devices have yet to migrate to Windows 11. With Microsoft's cutoff date on October 14, 2025, for Windows 10 support fast approaching, the urgency cannot be overstated ...

Do You Need Multi-CDN Monitoring? Here's What You Need to Consider - Part 2
October 04, 2024

In Part 1 of this two-part series, I defined multi-CDN and explored how and why this approach is used by streaming services, e-commerce platforms, gaming companies and global enterprises for fast and reliable content delivery ... Now, in Part 2 of the series, I'll explore one of the biggest challenges of multi-CDN: observability.

Do You Need Multi-CDN Monitoring? Here's What You Need to Consider - Part 1
October 03, 2024

CDNs consist of geographically distributed data centers with servers that cache and serve content close to end users to reduce latency and improve load times. Each data center is strategically placed so that digital signals can rapidly travel from one "point of presence" to the next, getting the digital signal to the viewer as fast as possible ... Multi-CDN refers to the strategy of utilizing multiple CDNs to deliver digital content across the internet ...