EMA Survey Shows SecOps Initiatives Are Delivering Strong Levels of Value

Share Article

18% of survey participants indicated that they had achieved “dramatic benefits” from SecOps, while 41% indicated they had achieved “significant benefits.”

Integrating SecOps With Operations, Development, and ITSM in the Age of Cloud and Agile

Integrating SecOps With Operations, Development, and ITSM in the Age of Cloud and Agile

Enterprise Management Associates (EMA™), a leading IT and data management research and consulting firm, has released a new research report titled “EMA Research Report SecOps: Integrating with Operations, Development and ITSM in the Age of Cloud and Agile,” based on criteria defined by Dennis Drogseth, vice president of research at EMA, and David Monahan, research director of risk and security management at EMA.

Based on 251 respondents—62% from North America and 38% from Europe—this new report addresses SecOps initiatives in terms of role, team leadership, success rates, company size, vertical adoptions and geography. It provides telling insights into technology priorities, process and best practices, as well as metrics for critical use cases, including integrated security/compliance for performance and availability management, change and configuration management and IT asset management and audits. Additionally, it addresses the impacts of cloud, agile, digital transformation and mobile on SecOps directions.

“One of the most striking findings from the research was the multi-faceted nature of SecOps initiatives,” said Drogseth. “We were able to analyze the priorities and success rates of teams led by security, operations, ITSM, development and business/overlay—each of which showed distinctive characteristics. The bottom line being that SecOps is an emerging, critical arena for IT transformation—but it is not linear. It does not have a single face.”

This new research shows that the integration of security operations, fraud and compliance with critical areas in IT is now delivering significant values. However, these gains are not without their technology and cultural/process challenges. One of the more important findings was that when it came to obstacles, technology issues, especially those associated with more effective data management and toolset integration, almost categorically outscored cultural and process issues. The message to the industry should be clear: addressing more cohesive approaches to data sharing, analytics, automation and reporting between security and the rest of IT is an area ripe for innovation. Vendors that recognize this should be honored with significant opportunities for industry growth. Vendors that turn away from the opportunity and continue to settle within established markets, will eventually find their offerings less relevant to the future of IT.

Some other key data points from this survey are:

  • Respondents showed a strong commitment to integration, in terms of process, metrics, and/or technology, with 73% of respondents claiming they were extremely well integrated or very well integrated. The data also showed that higher levels of SecOps integration correlated strongly with SecOps success.
  • The top two (tied) benefits from SecOps initiatives (when ranked by importance) were better ROI on the existing security infrastructure and improved operational efficiencies across security and the rest of IT. More efficient usage of cloud services came in 1 percentage point behind at number three.
  • 73% of respondent were proactively coordinating security/compliance requirements with ITAM or software asset management (SAM) processes. Support for audits was strongly well aligned with overall SecOps success.

“This new SecOps research is truly groundbreaking in its direction. No other research has touched on these efforts and their outcomes,” said Monahan. “Findings positively show organizations that have begun their IT, DevOps and security operations integrations are seeing significant returns in operating efficiencies, improved IT and security performance from shared analytics and ROI from tools consolidations, just to name a few.”

A detailed analysis of the research findings are available in the report, "EMA Research Report SecOps: Integrating with Operations, Development and ITSM in the Age of Cloud and Agile."

A report summary of the research findings are available in the report, "Report Summary - Integrating SecOps With Operations, Development, and ITSM in the Age of Cloud and Agile."

Key highlights from the research are available in the “SecOps: Integrating with Operations, Development and ITSM in the Age of Cloud and Agile” on-demand webinar.

About Enterprise Management Associates (EMA)
Founded in 1996, EMA is a leading industry analyst firm that provides deep insight across the full spectrum of IT and data management technologies. EMA analysts leverage a unique combination of practical experience, insight into industry best practices, and in-depth knowledge of current and planned vendor solutions to help its clients achieve their goals. Learn more about EMA research, analysis, and consulting services for enterprise line of business users, IT professionals, and IT vendors at http://www.enterprisemanagement.com or blogs.enterprisemanagement.com.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Raleigh Gould
Enterprise Management Associates (EMA)
Like >
Visit website