Historically, there has been plenty of negativity and friction between IT and cybersecurity teams. Security teams can be seen as ‘blockers’ that prevent IT from implementing positive changes for the organization. Meanwhile, security teams often feel like their IT operations counterparts just aren’t interested in protecting the organization from outside threats.

While there are arguments on both sides, we in the security industry need to accept a simple fact: IT departments have been around a lot longer than we have, and their processes are more mature.


Consider one of the most prominent frameworks for IT service management (ITSM): the IT Infrastructure Library (ITIL). Developed in the 1980s by the UK Government, ITIL has evolved into the most comprehensive set of IT practices ever devised. It’s more widely used than any other framework, and even Microsoft used it as the basis for its Microsoft Operations Framework (Read more...)