DevOps.com

  • Latest
    • Articles
    • Features
    • Most Read
    • News
    • News Releases
  • Topics
    • AI
    • Continuous Delivery
    • Continuous Testing
    • Cloud
    • Culture
    • DevSecOps
    • Enterprise DevOps
    • Leadership Suite
    • DevOps Practice
    • ROELBOB
    • DevOps Toolbox
    • IT as Code
  • Videos/Podcasts
    • DevOps Chats
    • DevOps Unbound
  • Webinars
    • Upcoming
    • On-Demand Webinars
  • Library
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Communities
    • AWS Community Hub
    • CloudBees
    • IT as Code
    • Rocket on DevOps.com
    • Traceable on DevOps.com
    • Quali on DevOps.com
  • Related Sites
    • Techstrong Group
    • Container Journal
    • Security Boulevard
    • Techstrong Research
    • DevOps Chat
    • DevOps Dozen
    • DevOps TV
    • Digital Anarchist
  • Media Kit
  • About
  • AI
  • Cloud
  • Continuous Delivery
  • Continuous Testing
  • DevSecOps
  • Leadership Suite
  • Practices
  • ROELBOB
  • Low-Code/No-Code
  • IT as Code
  • More Topics
    • Application Performance Management/Monitoring
    • Culture
    • Enterprise DevOps

Home » Blogs » DevSecOps » DevSecOps Requires Teamwork for Success

DevSecOps Requires Teamwork Success

DevSecOps Requires Teamwork for Success

By: Frank Ohlhorst on December 2, 2019 Leave a Comment

While the manifestos surrounding the current development pipelines may differ, there is one concept that remains constant: teamwork. All the various frameworks populating the development landscape bring together teams of people to build and deliver applications. This is especially true of DevOps, which focuses on a technical culture with defined roles on a quest for responsiveness. 

Recent Posts By Frank Ohlhorst
  • Best of 2021 – Transform Legacy Java Apps to Microservices
  • How Log4j Becomes a Serious DevOps Problem
  • AWS Outage Exposes Weaknesses of DevOps Resilience
More from Frank Ohlhorst
Related Posts
  • DevSecOps Requires Teamwork for Success
  • How to Become a DevSecOps Engineer
  • The Rising Demand for DevSecOps Talent
    Related Categories
  • Blogs
  • DevSecOps
    Related Topics
  • Cybersecurity
  • devops
  • devsecops
  • IT operations
  • research
  • Tanium
Show more
Show less

Yet, many organizations seem to be failing miserably when it comes to bringing cybersecurity into IT operations, especially where DevOps is concerned. New research from Tanium, a purveyor of endpoint management and security platform solutions, illustrates that all is not well where cyber and IT operations intersect.

DevOps/Cloud-Native Live! Boston

Tanium commissioned Forrester Consulting to survey more than 400 IT leaders at large enterprises to uncover the challenges, consequences and gaps they face when managing and securing their endpoints. That research revealed that two-thirds (67%) of businesses say that driving collaboration between security and IT ops teams is a major challenge.

That lack of collaboration has a cascading effect, impacting the overall security hygiene of the enterprise and exposing systems to even common threats. Simply put, teamwork requires much more than just building camaraderie between security, operations and development folks; success requires that various team members come together to support the culture of DevOps. 

Strained relations between those players can lead to security failures, an assumption evidenced by Tanium’s research. The survey results indicated that security and IT ops teams with strained relationships more often struggle with basic IT hygiene, taking nearly two weeks longer to patch IT vulnerabilities than teams with healthy relationships.

It is those types of issues that can weaken the confidence of  IT decision-makers to make the correct decisions. The report claims that they have a misplaced sense of confidence, with 80% certain they can act on the results of vulnerability scans but only 49% feel confident they have full visibility into all the hardware/software assets on their environment. 

According to Tanium, that misplaced confidence is attributable to the increased investment in IT security and operational tools. However, just increasing security budgets does not always deliver on improved capabilities. As the survey results indicate, throwing money at the cybersecurity problem often creates a false sense of security regarding how well businesses can protect their IT environment from threats and disruption.

Many of those threats seem to fall through the cracks, a problem often blamed on the lack of end-to-end visibility of endpoints and their health. Solving that particular issue requires that IT security professionals interact more effectively with their IT operations and development counterparts (again, teamwork). Further exacerbating the problem is that many applications and services still operate in silos, which inhibits the visibility and control needed to properly protect the environment.  

“According to our research, most teams are confident in their ability to take timely action on the results of their vulnerability scans. However, further investigation shows teams are admittedly suffering from visibility gaps of all hardware and software assets in their environment, which undermine these efforts to take action. With around 50% of IT leaders showing confidence in asset and vulnerability visibility, you’re essentially leaving your security to a coin flip,” said Chris Hallenbeck, Americas Chief Information Security Officer at Tanium. 

Ultimately, Tanium recommends adopting a unified endpoint security solution to address the gaps in protection, while also encouraging security and IT ops teams to work more closely together. However, it is likely it will take more than just that to fully integrate security into the DevOps pipeline. Cybersecurity pros will need to get involved in the development pipeline to ensure that security becomes a foundational element of the application development and delivery process. 

— Frank Ohlhorst

Filed Under: Blogs, DevSecOps Tagged With: Cybersecurity, devops, devsecops, IT operations, research, Tanium

Sponsored Content
Featured eBook
The Automated Enterprise

The Automated Enterprise

“The Automated Enterprise” e-book shows the important role IT automation plays in business today. Optimize resources and speed development with Red Hat® management solutions, powered by Red Hat Ansible® Automation. IT automation helps your business better serve your customers, so you can be successful as you: Optimize resources by automating ... Read More
« And the Builders Shall Inherit the Earth: The Democratization of IT
Tricentis Founder Wolfgang Platz Releases Book, Enterprise Continuous Testing »

TechStrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Building a Successful Open Source Program Office
Tuesday, May 24, 2022 - 11:00 am EDT
LIVE WORKSHOP - Fast, Reliable and Secure Access to Private Web Apps
Tuesday, May 24, 2022 - 3:00 pm EDT
LIVE WORKSHOP - Boost Your Serverless Application Availability With AIOps on AWS
Wednesday, May 25, 2022 - 8:00 am EDT

Latest from DevOps.com

Competing Priorities Prevent Devs From Creating Secure Code
May 24, 2022 | Pieter Danhieux
DevOps/Cloud-Native Live Boston: Get Certified, Network and Grow Your Career
May 23, 2022 | Veronica Haggar
GitLab Gets an Overhaul
May 23, 2022 | George V. Hulme
DevOps and Hybrid Cloud: Life in the Fast Lane?
May 23, 2022 | Benjamin Brial
DevSecOps Deluge: Choosing the Right Tools
May 20, 2022 | Gary Robinson

Get The Top Stories of the Week

  • View DevOps.com Privacy Policy
  • This field is for validation purposes and should be left unchanged.

Download Free eBook

The Automated Enterprise
The Automated Enterprise

Most Read on DevOps.com

DevOps Institute Releases Upskilling IT 2022 Report 
May 18, 2022 | Natan Solomon
Apple Allows 50% Fee Rise | @ElonMusk Fans: 70% Fake | Micro...
May 17, 2022 | Richi Jennings
Making DevOps Smoother
May 17, 2022 | Gaurav Belani
Creating Automated GitHub Bots in Go
May 18, 2022 | Sebastian Spaink
DevSecOps Deluge: Choosing the Right Tools
May 20, 2022 | Gary Robinson

On-Demand Webinars

DevOps.com Webinar ReplaysDevOps.com Webinar Replays
  • Home
  • About DevOps.com
  • Meet our Authors
  • Write for DevOps.com
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • Privacy Policy

Powered by Techstrong Group, Inc.

© 2022 ·Techstrong Group, Inc.All rights reserved.