The State of XOps Report, Q2 2020

“XOps” is an umbrella term we use to refer to generalized operations of all IT disciplines and responsibilities. Development, security, networking, and cloud must be integrated with and supported by IT operations to be efficiently maintained, secure, and reliable.

For example, software development is futile without an operations team to put and keep code reliably in production. Security teams are often powerless to actually enforce compliance and remediate vulnerabilities without the IT operations team to remediate, patch, and enforce security recommendations. This balance of power should be good for reliable and secure infrastructure, but without teamwork it can and has resulted in disaster for the business.

To better understand the interplay between IT operations and other IT disciplines, SaltStack will occasionally commission a survey of IT operators and their counterparts in IT, development, and security. The State of XOps Report, Q2 2020 shines a light on how IT and security teams can more effectively implement SecOps and secure IT. This infographic report contains highlights from the research.

SecOps Teams Must Automate and Align

More than ever, digital business is the new normal. All digital business runs on infrastructure that needs to be maintained and secured. There is intense pressure on IT and security operations teams to do more with less while keeping the lights securely on. They need help.

Getting ahead isn’t possible without shared automation and efficient collaboration.

An emerging SecOps mindset must apply some of the same principles proven out by DevOps before. How close are we to getting there?

The digital infrastructure used by any modern business must be fortified. Threats to company systems and customer data are real and attacks are imminent and persistent.

“Through 2020, 99% of vulnerabilities exploited will continue to be the ones known by security and IT professionals for at least one year.”

99%

SaltStack commissioned an independent market research firm to survey a random sample of 130 verified InfoSec and IT leaders. The study was conducted in January 2020 and has a margin of error of +/-8.6% at the 95% confidence level. The key findings in this report provide detail on the disconnect between IT and security teams and insight into what can be done to fix it.

Why don’t SecOps teams simply secure IT?

- Gartner

IT and security operators, the protectors of digital business success, don’t stand a chance if their fortress has known and unaddressed vulnerabilities.

If cyber criminals knew about existing gaps in the defenses, businesses would do everything possible to remediate those vulnerabilities...right? Unfortunately too often those gaps go unaddressed for years.

The survey reveals security and IT operations teams don’t collaborate well. This is a problem. Enterprise infrastructure security requires coordinated contributions from both teams.

54% of security leaders say they communicate effectively with IT professionals. 45% of IT professionals agree. Not good.

Collaboration

Effective communications increases in companies where tools are used to facilitate cross-functional collaboration. In these companies, managers are 4x more likely to say their IT and security teams communicate effectively on important tasks.

Automation

Automation also plays a role in unifying IT and security teams. Companies that automate core security functions such as vulnerability remediation and compliance enforcement are 5x more likely to say their teams communicate effectively.

45%

54%

Both security and IT managers agree data protection SHOULD BE prioritized over innovation, speed to market, and cost.

Undeniable SecOps alignment

70% of both security and IT managers say their company sacrifices data security for faster innovation...always a tricky balancing act.

THE REALITY THE ASPIRATION

IT and security leaders rank the most-feared consequences of a security breach:

1. Customer loss2. Regulatory violations3. Loss of brand trust

All could have a substantial financial impact on the business, further underscoring the value proposition for automated, more collaborative security operations.

Automate security operations

Automated SecOps helps surveyed security and IT pros eliminate these top dreaded tasks:

Both groups agree automation unifies the work of SecOps enabling team collaboration and efficiency.

1) Both groups hate patch management.2) Security pros hate threat prioritization3) IT pros hate compliance audits

$707,000Companies surveyed say a major data breach would cost their company on average:

With the stakes so high, especially in an economic downturn, it is critical IT and security teams break down silos and secure IT. Businesses are struggling already, but a double black swan scenario could be ruinous.

According to Forrester Research, “Today's security initiatives are impossible to execute manually. As infrastructure-as-code, edge computing, and internet-of-things solutions proliferate, organizations must leverage automation to protect their business technology strategies.”

In summary, what dev and ops teams did for agile tech innovation, security and ops teams need to do for real and continuous infrastructure security. The SecOps mantra must be to integrate security operations teams through collaboration and automation. The objective is clear - truly secure digital business by achieving consensus, fixing issues, and securing infrastructure.

Both IT and security professionals agree that communication suffers between their teams, and that security should be prioritized over other digital initiatives like speed and innovation. If shortcomings are understood, and priorities are aligned, why is it so difficult to secure business infrastructure? What part of the process is broken? What can SecOps teams learn from DevOps teams that have gone before?

IT operators have the mandate to rapidly innovate and push new products to market while maintaining infrastructure reliability. Security pros are tasked with identifying security vulnerabilities and compliance issues.

The shared responsibility of taking action to remediate security issues and enforce compliance often falls between the cracks.

Infrastructure is growing at an exponential scale which in turn increases data center complexity. The work of fixing security is tedious and requires time. Humans can’t do it alone, or in silos.

The data in this research indicates infrastructure simply doesn’t get secured fast enough if IT and security teams aren’t on the same page and automating as much of the work as possible.