Editorial

Research uncovers lack of collaboration between IT and security

More than half of UK respondents say their organisation has been hit by ransomware in the last six months

Posted 9 June 2022 by Christine Horton


New research has exposed a gap between IT and security teams, exposing firms to cyberattack.

A survey commissioned by Cohesity shows that 85 percent of UK IT and security operations (SecOps) decision-makers agree that IT and SecOps should share the responsibility for their organisation’s data security strategy. However, almost a third (19 percent) believe the collaboration is not strong with IT, with five percent of those respondents going so far as to call it “weak.”

Of those, 32 percent believe their organisation is either more exposed (18 percent), or much more exposed (14 percent) to cyber threats. 

The research is based on an April 2022 survey of more than 2,000 IT decision-makers and Security Operations (SecOps) professionals in the United States, the United Kingdom and Australia. 

Nearly three-quarters of respondents (72 percent) in the UK believe the threat of ransomware in their industry has increased over the last year, with more than half of respondents (51 percent) saying their organisation has been the victim of a ransomware attack in the last six months.

In many cases, even though the threat of cyberattacks has increased, the level of collaboration between IT and SecOps has remained stagnant or has declined. Forty-three percent of respondents, overall, said collaboration between the two groups has remained the same even in light of increased cyberattacks. 8 percent of all respondents said collaboration has actually decreased. While only 55 percent of IT decision-makers said collaboration has decreased, nearly 11 percent of SecOps respondents believe that is the case, highlighting disparity between the two groups. 

Talent shortage

The on-going tech talent shortage is making matters worse. When asked if the talent shortage is impacting the collaboration between IT / security teams, 75 percent of respondents (69 percent of IT decision-makers and 82 percent of SecOps) said, yes, it is having an impact. 

“This research pinpoints there is often a lack of collaboration between IT and security teams that we’re seeing across many organisations today. This communication gap must be closed if organisations want to win the battle against cyber threats and ransomware,” said Brian Spanswick, chief information and security officer, Cohesity.

“For too long, many security teams focused primarily on preventing cyberattacks, while IT teams have focused on data protection, including backup and recovery. A complete data security strategy must bring these two worlds together, but in many cases they remain separate and this lack of collaboration gives cyber criminals the room they need to often deliver successful attacks and put companies at the mercy of bad actors.”