An expert's big-picture view of the state of SecOps

SecOps in 2024 comes with plenty of challenges, according to one expert, but getting a true assessment of the IT discipline requires a longer-term view.

Christopher Crowley is an independent consultant and senior instructor at the SANS Institute with 20 years of experience managing and securing networks. He is considered a leading expert in building a security operations center, or SOC, and authored the "SANS 2024 SOC Survey" report in May, which focused on the top challenges facing security operations.

In some ways, this year's survey uncovered "the same old story" about SecOps challenges, from misalignment with the business, gaps in collaboration between NetOps and SecOps teams, and heightened stakes for incidents in a software-defined world.

Christopher Crowley

"The cybersecurity problems that we have are narrow in terms of things that are deployed in the world," Crowley told TechTarget Editorial's Beth Pariseau during the first episode of IT Ops Query Season 2. "But ... they actually have a global cascading impact when cybersecurity doesn't work properly, whether that's our own operational interruptions or ... a massive compromise that disrupts the economic or geopolitical status quo."

But as an IT industry veteran who can remember SecOps in its infancy 20 years ago, Crowley said it has improved overall -- especially as companies have migrated to cloud computing -- and he's optimistic that improvement will continue. This year's SOC survey showed a declining opinion of AI and machine learning, for example. Here, too, Crowley takes the long view, chalking that up to the disillusionment common in the early adoption phases of any new technology.

The point where it starts to improve is when we as a race of humans decide that we need to clean some stuff up.

As SecOps continues to mature, Crowley hopes that businesses and IT will focus on clearing technical debt, which he compared to space junk orbiting Earth following decades of space travel.

"We've been launching stuff into Earth's orbit for a while, and the residue causes problems for us and our more advanced capabilities that we would like to deploy," he said. "So the point where it starts to improve is when we as a race of humans decide that we need to clean some stuff up and get it to where we have chosen what sort of information systems are suitable for us."

Beth Pariseau, senior news writer for TechTarget Editorial, is an award-winning veteran of IT journalism covering DevOps. Have a tip? Email her or reach out @PariseauTT.