Why IT Admins are Joining the Security Team

Today’s decentralized, global workplace has broadened IT’s role within the enterprise. The role of the IT admin now includes direct responsibility for bolstering a company’s security posture. IT admins have become a core part of the security organization, with 34% of Fortune 500 companies rolling the IT department into the CISO’s purview in 2021. In startups and emerging technology companies, this percentage was close to 80%.

Why has this role changed for IT admins? For one, the pandemic has accelerated across-the-board cloud adoption—and this includes both smaller organizations as well as Fortune 500 companies. Gartner reported that worldwide cloud services spending by end-user organizations will reach $332 billion by the end of this year—a 23% increase since 2020. The mainstream use of emerging technologies such as containerization, virtualization and edge computing also boosted cloud spending. The pandemic, according to Gartner, served as a “multiplier for CIOs’ interest in the cloud,” and prompted them to “overcome any reluctance of moving mission-critical workloads from on-premises to the cloud.” Also, companies relied on cloud technologies to enable their fleet of employees to work from home efficiently and effectively.

In addition to pushing organizations toward a cloud-based infrastructure, the pandemic has spawned new security issues. Internet traffic has nearly doubled since the onset of COVID-19, bringing with it new phishing, spoofing, hacking and fraud attempts. The Federal Trade Commission reported that fraud surged more than 83%. Also, digital fraud attempts against businesses increased 46% since the COVID-19 pandemic began. The remote workplace has also introduced a considerable amount of risk to organizations, and much of the responsibility for that risk falls somewhere between the IT organization and the security organization.

What do these trends mean for IT admins and the security organization? Which roles will change and how will these changes affect the enterprise? And how can everyone collaborate more effectively? 

Changing Priorities, Shifting Roles

Traditionally, the IT department has been tasked with deploying and maintaining a company’s corporate environment. IT admins must also evaluate and install the right hardware and software to keep everything running smoothly. The company’s chief technology officer (CTO) oversees the development and oversight of all things technology within an organization, including applications, products and data science. The chief information officer (CIO), however, leads on-premises infrastructure tasks and oversees IT. The CIO also manages backend business services such as billing and internal tooling, working to ensure these services and processes support company business goals.

The mass adoption of cloud-based infrastructure coupled with the industry moving away from on-premises deployments has caused traditional CIO duties to shift toward the CTO in technology companies. Previously, the CIO managed on-premises infrastructure tasks, backend business services and the IT department.

IT and Security Join Forces

Meanwhile, we are seeing more companies transition their IT admins to the security organization and report to the chief information security officer (CISO). The combined IT/security team works to bolster perimeter security, helps with endpoint device management and strengthens identity and access management. The CISO can be considered the company’s chief security champion, communicating security risks and vulnerabilities to others in the C-suite and outlining plans for prevention, detection and response.

Historically, IT managed networks, hardware, software and data storage while the security team protected the organization’s information system infrastructure from internal and external threats.

We are seeing more collaboration between the IT organization and security operations during the past two years than ever before, as IT drives security rather than simply enabling it. Enterprise IT and enterprise security are now one and the same—and pre-IPO, non-publicly traded companies are already operating this way. Fortune 500 companies are starting to follow suit.

Internal Alignment on Tools, Mission and Framework is Critical

IT and security—as separate teams—held competing priorities. The combined IT-security team must align on process, procedures—as well as tooling. The combined team’s (ultimate) shared mission is to secure information and solve customer problems—which, in turn, boosts business performance. Since there is a great deal of crossover between security operations and systems administration, you must ensure you have the right contextual framework and a shared set of tools that complements both departments within the larger team.

When it comes to compliance initiatives, such as SOC 2 and ISO 27001, many times the security operations team has to ask IT to pull records and perform audits against specific security controls. There are common frameworks and tools that allow the IT team and the security team to port over information to each other and work from the same knowledge base. Basically, these systems administrators, security managers and IT leaders now have exposure to a complementary set of day-to-day activities and can solve a multitude of different, unique business problems.

Cross-Functional Knowledge Sharing Is Key

I know many people from my previous IT teams who are now security professionals. There are also security professionals who learn new skills from systems administrators. IT and security both share a set of core skills but it’s the continued knowledge sharing among both groups that helps everyone ‘level up’ in real-time.

For example, IT usually owns identity and access management tasks. This involves managing who has access to which systems and when. IT also manages how these rules are provisioned to prevent any deviation from what’s been decided by the organization. Admins with these specific skills can help with significant engineering improvements within infrastructure or engineering initiatives. They can enhance levels and layers of security as projects are being built out—and this strengthens the entire company.

The pandemic has forced change throughout the enterprise—a new workplace, shifting roles and different priorities. Forward-looking organizations embrace this change, including the need to double down on security. IT admins and security professionals working more closely together is a win-win for a more secure, nimble and innovative organization.

Avatar photo

Chaim Mazal

Chaim Mazal is the SVP of Technology and CISO at Kandji, an Apple device management (MDM) solution built exclusively for IT teams, where he oversees the product engineering, infrastructure, data, and information security organizations. Before joining the Kandji team, Chaim built engineering first security programs at three of the highest valued multi-billion dollar SaaS startups in Mid-West: ActiveCampaign, Uptake, and Avant. Chaim has created several SaaS-specific engineering focused programs using his expertise in product lead hyper-growth and offensive security to secure fast-paced modern environments.

chaim-mazal has 2 posts and counting.See all posts by chaim-mazal