Lack of collaboration between IT and security teams puts businesses at risk

New research commissioned by Cohesity, a provider of next-gen data management, reveals that while most IT and security operations (SecOps) decision-makers believe they should jointly share the responsibility for their organization’s data security strategy, many of these teams are not collaborating as effectively as possible to address growing cyber threats.

According to the survey, nearly half of those who believe collaboration between IT and security is weak believe their organization is more vulnerable to cyber threats as a result — and the implications for businesses could be significant.

The study is based on an April 2022 survey of more than 2,000 IT decision-makers and SecOps professionals (split nearly 50/50 between the two groups) from businesses in the United States, the United Kingdom, and Australia — all of whom play a role in IT or security decision-making.

The survey was conducted as nearly three-quarters (74%) of respondents believe the threat of ransomware has increased in their industry over the last year, with nearly half (47%) reporting that their organization has been the victim of a ransomware attack in the last six months. The survey yielded the following global findings:

• Security should be a shared responsibility: More than four in five (81%) of respondents overall (86% of IT decision-makers and 76% of SecOps) somewhat or strongly agree that IT and SecOps should share the responsibility for their organization’s data security strategy. 
• But, effective collaboration between IT and security teams is frequently not happening: Almost a third of SecOps respondents (31%) believe the collaboration is not strong with IT, with 9% of those respondents going so far as to call it “weak.” Among IT decision-makers, more than a tenth of respondents (13%), believe collaboration with SecOps is not strong. In total, nearly a quarter (22%) of IT and SecOps respondents overall believe the collaboration between the two groups is not strong.^[1]
• In many cases, even though the threat of cyber attacks has increased, the level of collaboration between IT and SecOps has remained stagnant or has declined: 40% of respondents, overall, said collaboration between the two groups has remained the same even in light of increased cyber attacks. And, 12% of all respondents said collaboration has actually decreased. While only 5% of IT decision makers said collaboration has decreased, nearly one in five (18%) of SecOps respondents believe that is the case, highlighting disparity between the two functions. 
• The ongoing tech talent shortage is making matters worse: When asked if the talent shortage is impacting the collaboration between IT and security teams, 78% of respondents (77% of IT decision-makers and 78% of SecOps) said, yes, it is having an impact. 
• As a result of this lack of collaboration between IT and SecOps, many respondents believe their organization is more exposed: Among the IT and SecOps respondents who believe the collaboration is weak between the two groups, 42% believe their organization is either more exposed (28%), or much more exposed (14%) to cyber threats. 
• The consequences of that exposure could be devastating for businesses and for careers: When asked what would be their worst fear about a lack of collaboration between security and IT if an attack takes place, 42% of all respondents are concerned about a loss of data, 42% fear business disruption, 40% are worried customers will take their business elsewhere, 35% fear finger-pointing will take place and their team will be blamed should any mistakes occur, 32% are worried about paying ransomware, and 30% fear people from both teams (IT and SecOps) will be fired. 

“This research pinpoints there is often a lack of collaboration between IT and security teams that we’re seeing across many organizations today,” said Brian Spanswick, chief information security officer, Cohesity. “For too long, many security teams focused primarily on preventing cyber attacks, while IT teams have focused on data protection, including backup and recovery. A complete data security strategy must bring these two worlds together — but in many cases, they remain separate and this lack of collaboration creates significant business risks and can put companies at the mercy of bad actors.” 

To emphasize this point, when asked how their organization prioritized data backup and protection as part of their security posture or response to a cyber attack, 54 percent of IT decision-makers said it was a top priority and a critical capability, while only 38 percent of SecOps respondents said the same.

“If SecOps teams are not thinking about backup and recovery, and lack next-gen data management capabilities as part of an overall security strategy, that’s a problem,” said Spanswick. “IT and SecOps teams need to collaborate before an attack takes place — looking holistically across the NIST Cyber Security Framework which includes five core capabilities: identify, protect, detect, respond, and recover. If they wait to collaborate until their data is hijacked, that’s too late and the results could be catastrophic for businesses.” 

Eighty-three percent of all respondents (84 percent of IT decision-makers and 81 percent of SecOps respondents) agree that if security and IT worked more closely together, their organization would be better prepared to recover from cyber threats such as ransomware attacks. When asked what would give their organization more confidence that they could quickly recover business systems in the event of a ransomware attack, 44 percent of all respondents (49 percent of IT decision-makers and 39 percent of SecOps respondents) said greater communication and collaboration between IT and security is critical.