ITSM + SecOps Convergence: How It Can Help Your Business, and How to Get Started (Part 1)

ITSM + SecOps Convergence: How It Can Help Your Business, and How to Get Started

Share This Post

Share on linkedin
Share on facebook
Share on twitter
Share on email

Why and how to bring together two critical elements of your business – Part 1 of 2

IT service management (ITSM) and security operations (SecOps) are equally critical to survival and success at many businesses. The need to bring them closer together and how best to accomplish that goal were among the topics discussed in a recent webinar cohosted by Virima.

The featured presenters were Taylor Lehman and Mike Bombard. Taylor is Chief Information Security Officer for Wellforce (a partnership of Tufts Medical Center and Floating Hospital for Children), MelroseWakefield Healthcare, and Circle Health in Massachusetts. Mike Bombard is Virima’s Chief Operating Officer. This post summarizes some of the points discussed during that event.

ITSM + SecOps: Why They Must Come Together

Both ITSM and SecOps are growing in importance to business operations, success, and growth. Almost every business interaction and transaction relies on some form of IT. And every IT service and estate needs the best possible security.

As IT environments grow in size and complexity, they also become more challenging to secure. Yet effective cyber security is essential if IT is to support business growth and digital transformation initiatives. Anything less places the business and its reputation at significant risk.

Bringing ITSM and SecOps together can enable and accelerate development and delivery of robust, secure, high-value, IT-powered services. Convergence of ITSM and SecOps can also increase alignment of IT and security initiatives with business needs and goals. Such convergence can also reduce operational and reputational risk, and effectively support business growth and digital transformation.

ITSM + SecOps: Evolutionary Drivers

At some businesses, so-called “disruptive technologies,” including artificial intelligence (AI), machine learning (ML), “big data,” and the Internet of Things (IoT), are driving efforts to improve ITSM. At some businesses, ITSM improvement is part of a larger push toward digital transformation.

Meanwhile, additional drivers spur pursuit of SecOps. These drivers include the need to eliminate silos of information and the desire to automate repetitive security and IT tasks. Another is the continuing evolution of successful cyber security threats, from phishing emails to malware as a service.

At every business, however, there is a common driver of evolution for both ITSM and Sec Ops. That is the increasing business criticality of IT-powered services and the technologies that enable them. The more essential these services and technologies become, the more important it is to optimize service development, delivery, and management and maximize security. Against this backdrop, bringing ITSM and SecOps closer together can be an important step in the evolution of IT management and your business as a whole.

ITSM + SecOps: First Steps

To begin or accelerate efforts to converge ITSM and SecOps, you must first understand that waiting and hoping is not a strategy or a plan. You need both a strategy and a plan. And each must be thoughtfully considered, clearly documented, and focused on business outcomes. Here are some initial step toward that strategy and plan.

Know your environment. You can’t manage, converge, or optimize what you don’t know about and can’t see. This includes all your critical assets and the connections and relationships that link them to each other, your services, and your users. You also need to know about every new connection and request for access, and to be able to deliver consumable, actionable information about your environment to all who need it.

Optimize your skills. Before you start trying to bring ITSM and SecOps together, make sure you have no serious skills gaps that could trip you up later. Make an honest assessment, and do your best to fill any gaps you do find, internally or with outside help. And automate everything you can, to extend the reach of the skilled people you do have.

Get executive support. Make the strongest business case you can. Focus on relevant business outcomes and metrics, and connect improved ITSM and SecOps to these. Keep your supporters and sponsors informed and happy. Executive sponsorship and support can provide the “pull” you need to see your ITSM-SecOps convergence initiatives succeed.

Communicate, validate, and enforce. Identify and keep in touch with all of your stakeholders. Tell them what you’re doing, what you’re going to do, what’s going to happen, how it’s going to help them and the business, and why they have to do it.

Part 2 will focus on specific challenges to and enablers of ITSM-SecOps convergence. It will also recommend specific next steps. You can also listen to or download the complete webinar, including great comments from the featured speakers, here.

Summary:

ITSM + SecOps

Why and how to bring together two critical elements of your business. Bringing ITSM and SecOps together can enable and accelerate development and delivery of robust, secure, high-value, IT-powered services. Convergence of ITSM and SecOps can also increase alignment of IT and security initiatives with business needs and goals. Such convergence can also reduce operational and reputational risk, and effectively support business growth and digital transformation. At some businesses, so-called “disruptive technologies,” including artificial intelligence (AI), machine learning (ML), “big data,” and the Internet of Things (IoT), are driving efforts to improve ITSM. At some businesses, ITSM improvement is part of a larger push toward digital transformation. At every business, however, there is a common driver of evolution for both ITSM and Sec Ops. That is the increasing business criticality of IT-powered services and the technologies that enable them. The more essential these services and technologies become, the more important it is to optimize service development, delivery, and management and maximize security. Against this backdrop, bringing ITSM and SecOps closer together can be an important step in the evolution of IT management and your business as a whole.

Mike Bombard

Mike Bombard

Mike Bombard COO Virima Technologies - Mike joined Virima Technologies (Atlanta, GA) in 2010 and oversees Virima ITAM/ITSM SaaS product sales, marketing and field services organizations. He has been providing solutions to solve complex IT challenges in a variety of industries for over 25 years.

More To Explore

Truth - word from wooden blocks with letters, real facts truth concept, random letters around, white background
Service Mapping

Why Is A Service Map Critical?

Service mapping – the area of configuration management that perplexes so many IT professionals, yet that which provides the highest value in Configuration Management Database

ITSM compass concept 3D rendering isolated on black background
ITSM

What is ITSM in 2020?

The world of service management has changed as technology has shifted from providing tools for administrative support to being fully embedded in the delivery of

Truth - word from wooden blocks with letters, real facts truth concept, random letters around, white background
CMDB

The CMDB as a Source of Truth

The Configuration Management Database (CMDB) provides a single database that contains information about the enterprise’s assets, both logical and physical. In modern service management platforms,

Learn More about Virima

Thanks for visiting.

VIRIMA can solve your toughest IT asset and service management challenges.

See what it can do for you!

By submitting your email you agree that Virima Technologies may collect, use and disclose your personal data which you have provided in this form, for providing marketing material that you have agreed to receive, in accordance with our data privacy policy.