If you are in two minds about disbanding your IT security team, you might be interested in learning some more about security risks to businesses and whether a team of security professionals is the right way to counter these potentially damaging threats.
Are security teams obstructive rather than productive?
The vice-president of technology research company Gartner, Tom Scholtz, has confirmed that many businesses see their in-house security teams as a department that prevents rather than progresses their business affairs. Surely this is not the idea of a centralised security team?
In addition, he points out that these individuals are perhaps not the right ones to educate a business, with devolution and cross-team coordination a far better alternative. This is because, in his experience, many staff in an organisation already overlap with their responsibilities; however, making this move towards a different structure will require people in other teams to be fast-learning, keen to understand technological risks, and willing to take on new responsibilities for their employer.
Who can address risks in place of dedicated teams?
Rather than creating a whole new team to address risks – as many companies have naturally done – and grow in line with the risks, Scholtz suggests that less intervention from dedicated security teams could be better for business. After all, the teams that use specific data are usually tasked with a responsibility over it and there really is no need for an additional team to be concerned with it. Add to this the new technological advances in IT security, such as file integrity monitoring from a company such as https://www.promisec.com/file-integrity-monitoring-software/, and security teams begin to lose their appeal.
How can a company successfully disband an IT team?
It is possible to make an IT team smaller with minimal impact to a business. As previously stated, many others within the company cross over with their responsibilities and could usefully do their jobs; however, organisations are likely to still need central security teams for the time being.
Even those who are open to the idea but see taking action as too much of a risk can take something away from this theory, with considering the devolution of security helping organisations to identify which aspects of their security are suitable for automation or outsourcing.