Once upon a time, security, IT and engineering went about their days independently of each other in fairly rigid operational silos. And the old adage “it takes a village” has never rung truer — especially when it comes to resiliency.
These days, security professionals now require an expansive view of data to help secure a very interconnected IT, AI and cloud environment. And while it might be harder for teams to do their jobs in separate bubbles, they’re also realizing a lot of value as a result of their efforts.
In our 2024 Security Predictions Report, we illuminate the driving forces and benefits of collaboration trends across security, IT operations and engineering and teams. Here are a few of the ways collaboration will help security teams — and their organizations — realize resilience goals and benefits in the year ahead.
Enabling Teams to Assess Faster, Respond Sooner
Of its many benefits, collaboration can boost resilience by accelerating the time for teams to understand, assess, and prioritize risk; providing greater visibility across the attack surface; and enabling faster time to risk mitigation. It also goes a long way to helping accelerate root cause analysis and troubleshooting issues across the organization.
Perhaps not surprisingly, CISOs are working closer than ever with internal technical leaders, and security is becoming an integral part of ITOps, engineering, cloud teams, and other technology functions — and with good reason. Attack vectors like supply chain threats, such as the recent MOVEit vulnerability, are forcing closer collaboration across teams that need to work together to coordinate data protection and incident response across the entirety of an organization’s ecosystem.
And as security begins to have a much larger impact on business, there will be a growing need for a more holistic view of the entire threat ecosystem. “There is a need for a synoptic view,” says Paul Kurtz, chief cybersecurity advisor and field CTO. Drawing on his extensive experience managing cybersecurity programs for the US Government, Paul Kurtz noted that “looking all the way back to Y2K, having a synoptic view of networks has been critical. Today it is even more important, given our dependence on IT. Operators will need real-time visibility, supplemented by AI, to understand what’s happening on the network. Individual security ‘mousetraps’ will have little impact — unless you can fuse security and observability data in real-time.”
Looking ahead, there are few downsides to collaboration — and security professionals will continue to reap the benefits as it becomes a standard practice across industries.
Helping Win At Compliance
Maintaining a robust compliance posture is one of the hallmarks of resilience. And over the years, security, IT and engineering teams globally become accustomed to ramping up cyber defenses to maintain compliance with rigorous mandates such as the California Consumer Privacy Act (CCPA) and the EU’s General Data Protection Regulation (GDPR), among others. It was part of the job. And, for the most part, they understood the game.
Then the goalposts changed. In July of 2023, the U.S. Securities and Exchange Commission (SEC) announced new rules requiring registered organizations to disclose “material cybersecurity incidents” within four business days of discovery, as well as all material information on their cybersecurity risk, strategy, and governance. The new rules, which officially went into effect December 2023, also require registrants to detail material impact or likely material impact, of any breach or security incident. Consequences for violations are severe, including steep fines, legal prosecution and, in worst-case scenarios, jail time for executives found accountable.
It’s not a stretch to say that security professionals will have to identify threats sooner and respond faster — much faster — than they ever have before. In addition to opening insights and visibility, collaboration gives individual teams a better understanding of how the business works operationally as a whole.
Whether they’re making critical decisions about cyber defense, or disclosing incidents within required reporting windows, collaboration will also give security teams a big leg in navigating an increasingly complex regulatory environment. This includes aligning across all teams — including legal and HR — on security priorities and incident response, clearly defining security-related roles and responsibilities throughout the organization and helping non-technical departments prioritize and become more self-sufficient in sustaining security best practices. And as more departments get on board, organizations will see their security and compliance posture become stronger, more cohesive, and ultimately, more resilient.
Taking Resilience to New Levels
Resilience has been on the minds of security teams for a while. In Splunk’s 2023 State of Security report, 62% of respondents (up from 54% last year) disclosed that cybersecurity incidents took down business-critical applications between once and twice a month (22 total per year on average, up from 19 the previous year.) And the cost of downtime isn’t cheap.
To avoid cyber-related downtime, teamwork will be non-negotiable. It will become increasingly common for teams to take a security-first approach, integrating security more deeply into all processes, functions, and phases of the software development lifecycle. And as security, IT operations and development teams continue to learn cross-functionally and improve their skills, tool sharing will also become a more widely adopted and established practice.
Experts say that collaboration trends are already starting to take root now — and they will likely intensify throughout 2024 and beyond. According to the Splunk CISO Report, 55% of CISOs say they are integrating security into all facets of the software development lifecycle, while 50% say that security will be an integral part of the modernization process. CISOs also say that collaboration will help them explore anomalous system or network behavior (48%) as well as improve how they respond to degradation of critical applications (44%). “IT and security teams are getting closer, and it’s naturally bringing teams together over time,” says Kirsty Paine, field CTO and strategic advisor for EMEA. “Now, it’s more of an informal collaboration.”
But it’s clear that in 2024, collaboration will be essential as resilience becomes table stakes. To navigate the sea of cyber legislation, disruptive technologies and security threats, teams must realize they’re on the same mission. As organizations ramp up their adoption of AI, edge, and multi-cloud infrastructure, they will need a broader and deeper view into increasingly complex environments. And while it will be a shift for teams accustomed to set swimlanes, a panoramic view is only possible when all teams and stakeholders are aligned and working together. With communication, trust and a commitment to shared strengths, organizations can remain resilient through adversity next year and beyond.
To learn more about what Splunk sees for the future of the cybersecurity landscape in 2024, download the 2024 Splunk Security Predictions report.