Every size and type of business is faced with IT and security challenges of ever-increasing variety and complexity. As IT departments scramble to find enough budget, skilled staff and time to address all the intrusions that could negatively impact their organization, internal pressures build. Especially in larger enterprises, the IT team is actually several teams: network, data, security, compliance, and so on. Piling on, each team works with several vendors, which are definitely not set up to work with each other. Obviously, there’s enough to grapple with technology-wise to keep everyone busy forever.
These “politics” in and around IT departments, especially in larger organizations, play a significant role in the overall security of the company. Even within the typical security department, there are islands of responsibility, budgets, and data. The network team doesn’t share resources or ideas with the endpoint team, and so on. Those who get data first often hide it in hopes it will make them look good or provide justification to request more funding. Veterans of the game know that dividing security work into sub-teams often means a bigger overall budget. If you simply consolidate teams, you stand to lose resources as redundancies are discovered and eliminated. In that sense, it may be beneficial to maintain some silos with distinct funding sources.