For better or worse, many enterprise business leaders view the IT security team as the “Department of No,” perceiving it as a thrower of wet blankets on efforts to innovate. Of course, this isn’t always the case. Some security teams get the need to maintain the right balance between innovation and security. However, a recent survey shines a light on where the bad reputation comes from and just how poorly aligned security teams are with the business-technology teams.
Specifically, the SailPoint Technologies 2018 Market Pulse Survey found enterprise business managers struggle to increase business efficiency while maintaining a harmonious relationship with not only the security team but IT in general:
- Over half of respondents stated their IT department can be a source of inconvenience in their organization.
- Around one in three respondents said they (or one of their colleagues) have purchased and/or deployed software without IT’s help, an 11% increase in the past four years.
- If respondents had reason to believe they had been hacked, 13% would not tell IT immediately, potentially making a bad situation much worse.
- 49% of respondents would actually blame the IT department for a cyberattack if one occurred as a result of an employee being hacked.
Of course, this asymmetry will create risk. If staff views security and business-technology teams as onerous roadblocks, they will move around them and just sign up for the cloud applications and services they want.
As employees and line-of-business managers select their own cloud services, enterprise visibility into the applications and data employees are using every day is lost. If not managed effectively, this could jeopardize the success of their information security efforts.
The survey also identified a number of emerging threats, such as nearly half of respondents are either already using AI chatbots/personal assistants or are planning to do so. More than one in 10 are already using these in the workplace to increase efficiencies.