Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity NewswireCybersecurity NewsBanking/Finance/Insurance

SaltStack Report Finds Automation and Alignment are Critical to SecOps Success

Data Security; cyber security news, NIST cybersecurity, data security, data breach, cybersecurity management
May 6, 2020

SaltStack, the creators of intelligent automation for security operations and IT teams, released the findings of its inaugural research survey, The State of XOps Report, Q2 2020. The survey revealed that organizations using software to help IT and InfoSec teams collaborate and align are three times more confident in the effectiveness of their information security efforts. 

Despite the obvious security benefits of improving team alignment, 54 percent of InfoSec leaders say they communicate effectively with IT professionals, while 45 percent of IT professionals agree. This was particularly true among respondents working in the financial services vertical where large enterprise teams struggle to collaborate and communicate to secure digital infrastructure.

The survey findings offer additional insight into communication breakdowns and how teams are working together to fix them. In companies where software is being used to help IT and InfoSec teams collaborate, managers are four times more likely to say their IT and InfoSec teams communicate effectively on important tasks. Moreover, these same organizations are eight times more likely to say their IT and InfoSec teams work together, not just communicate, effectively to secure infrastructure.

The survey did reveal two areas of undeniable alignment between InfoSec and IT professionals:

  • 70 percent of both InfoSec and IT managers say their company sacrifices data security for faster innovation.
  • Both InfoSec and IT managers reported that data protection should be prioritized over innovation, speed to market and cost.

“Even though both IT and InfoSec teams agree security is more important than innovation, DevOps teams are outpacing SecOps teams and we now see rapid innovation with lagging security. This is particularly concerning because it increases the likelihood that infrastructure misconfiguration and known vulnerabilities are more exposed to bad actors,” said Alex Peay, SaltStack SVP of product. “Ultimately, an exploited vulnerability will lead to customer and revenue loss, regulatory violations, and diminished brand trust, which were the most-concerning consequences of a breach to our survey respondents. A security exploit combined with pandemic-induced economic headwinds might be the double black swan scenario that kills a company.” 

SaltStack survey respondents estimated that a major data breach would cost their company roughly $707,000, on average. However, even with such high financial stakes, the rift between InfoSec and IT managers is apparent and persists despite the threat to business. InfoSec managers point at a skills and talent shortage, followed by misconfigured infrastructure and unaddressed vulnerabilities, as the top contributors to risk. IT managers said the highest risk stems from unintentional employee leaks and endpoint attacks.

“A number of recent breaches indicate system misconfiguration and unpatched, known vulnerabilities, particularly of public cloud and on-premises server infrastructure and databases, are the most common cause of data exposure and successful exploits.” said Peay. “There are simply not enough skilled humans to secure digital infrastructure at scale without the force multiplier of security operations automation and improved collaboration among teams. Automation and collaboration are proven to be the difference between a breach, or truly secure digital business.”

Data from The State of XOps Report, Q2 2020 similarly suggests companies that automate security operations eliminate the most tedious and difficult security tasks, as cited by both IT and InfoSec managers, which include:

  • Patch management
  • Vulnerability prioritization
  • Compliance audits

Marc Chenn, CEO of SaltStack, “The survey data in The State of XOps Report, Q2 2020 affirms what we’re hearing from our customers every day. We’re at a tipping point for InfoSec driven by the sheer scale of digital infrastructure adoption by businesses of all stripes. We’re in an all-hands-on-deck situation and it is more important than ever for business to get the most out of their essential security and IT operations teams as they collaborate to fix what’s broken. The alternative is not acceptable. SaltStack SecOps products act as a unifying force for IT and InfoSec teams while ensuring effective, automatic remediation and compliance.”

For additional data and insights, download The State of XOps Report, Q2 2020 today.

KEYWORDS: cyber security financial security information security Information Technology Security

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Internal computer parts

Critical Software Vulnerabilities Rose 37% in 2024

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Person working on laptop

Governance in the Age of Citizen Developers and AI

patient at healthcare reception desk

Almost Half of Healthcare Breaches Involved Microsoft 365

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • cyber5-900px.jpg

    McAfee Report Finds Automation and Use of Gamification are Key to Cybersecurity

    See More
  • SEC0111_crit_infrastructure

    New Report Calls for National Industrial Strategy to Strengthen U.S. Industries that are ‘Too Critical to Fail’

    See More
  • Creating the GSOC: 4 Leading Examples of Successful Security Operations Centers

    Why automation, artificial intelligence and machine learning are becoming increasingly critical for SOC operations

    See More

Events

View AllSubmit An Event
  • March 6, 2025

    Why Mobile Device Response is Key to Managing Data Risk

    ON DEMAND: Most organizations and their associating operations have the response and investigation of computers, cloud resources, and other endpoint technologies under lock and key. 
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing