Lesson From the Road: The Security and IT Partnership

The last two weeks have been filled with travel for me, and I’ve had many opportunities to talk with security practitioners about the realities they face on a daily basis.

At our Evolution customer conference and the RSA Conference in California, as well as at the CIO Perspectives event in New York City, I heard validation of something I’ve believed for a long time: Security continues to be democratized and is a shared responsibility of everyone. Now more than ever, having security and IT teams work together as partners is essential to ensure security alongside user freedom.

For example, I had the pleasure of being part of a panel discussing security challenges facing CIOs in today’s modern age at the CIO Perspectives event. There, I heard some common themes as I spoke with countless CIOs and CISOs:

  • No one has enough budget to fulfill the needs: We heard how CIOs and CISOs are looking at “two-fer” hires who bring an IT capability along with the ability to solve security controls, essentially functioning as members of both the security and IT teams.
  • No one has enough staff: IT and Security experts are in high demand and the skill gap is challenging. Often, CISOs are turning to IT experts to help implement policy and governance and validate compliance.
  • No one feels safe enough: In today’s world, IT experts know their users are under attack. Security experts know that “soft spots” exist in every organization and abating them presents a challenge.

Security and IT are separate disciplines, and yet CISOs are looking at ways to share resources between the two and, in some cases, find hires that can fulfill the responsibilities of both. Budget pressures aside, there’s perhaps an unconscious reason why technology leaders are exploring the overlap between security and IT: When these two teams work together, both security and IT are improved.

In many cases, security and IT teams don’t see eye-to-eye, which forces conflict over prioritizing investigations versus getting users back up and running when data security incidents strike. When security and IT are separate functions, they typically operate in silos, using different data sets to triage incidents. This results in duplication of work and wasted time validating each other’s findings. And, obviously, both teams are stretched thin and have difficulty accessing each other’s tools and data sets, leading to unneeded delays in investigation, response and recovery.

When using a common set of tools for incident response, critical information is gathered more quickly and accurately. At our Evolution customer conference, we announced new features and products to arm security and IT with the capabilities they need to accelerate incident response:

  • The new Code42 Cloud: fully cloud-native deployment of our capabilities, allowing customers to retain their encryption keys while having zero software on-premises.
  • The new Code42 Forensic File Search product: complete visibility into your data wherever it is in the world, at any time, with real-time results – even when endpoints are offline.

Code42 Forensic File Search is designed to quickly equip security and IT teams to answer the most probing security questions, reducing investigation times for cybersecurity incidents. It is our sincere hope that Code42 Forensic File Search can help move security and IT teams towards the partnership model that’s increasingly essential for today’s enterprise. With security now the responsibility of everyone in an organization, it is more critical than ever that the key players in incident response, security and IT, have the right tools to quickly, reliably and accurately gather information about data security incidents.


Leave a Reply

Your email address will not be published. Required fields are marked *

*