Bridging the Gap: Uniting IT Teams for Effective Cybersecurity
Posted: Wednesday, Jun 14
  • KBI.Media
  • $
  • Bridging the Gap: Uniting IT Teams for Effective Cybersecurity
Karissa Breen, crowned a LinkedIn ‘Top Voice in Technology’, is more commonly known as KB. A serial Entrepreneur that Co-Founded the TMFE Group, a holding company and consortium of several businesses all relating to cybersecurity including, an industry-leading media platform, a marketing agency, a content production studio, and the executive headhunting firm, MercSec. KBI.Media is an independent and agnostic global cyber security media company led by KB at the helm of the journalism division. As a Cybersecurity Investigative Journalist, KB hosts her flagship podcast, KBKast, interviewing cybersecurity practitioners around the globe on security and the problems business executives face. It has been downloaded in 65 countries with more than 300K downloads globally, influencing billions in cyber budgets. KB asks hard questions and gets real answers from her guests, providing a unique, uncoloured position on the always evolving landscape of cybersecurity. As a Producer and Host of the streaming show,, she sits down with experts to demystify the world of cybersecurity and provide genuine insight to businesses executives on the downstream impacts cybersecurity advancement and events have on our wider world.

i 3 Table of Contents

Bridging the Gap: Uniting IT Teams for Effective Cybersecurity

It’s critical that IT teams work together with cybersecurity teams to ensure their organisation’s infrastructure is secure. Unfortunately, roles within the tech industry have become much more specialised over the past few decades, leading to isolated silos. This delimitation makes it increasingly difficult for teams to work together in an integrated and elegant way. This delta is even more pronounced between developers – who historically had a more detailed appreciation for the underlying tech prior to the abstraction of many newer languages – and security practitioners. This shift has resulted in rapid development, but concurrently, also overlooked security as part of the development process, and ultimately, security incidents.


IT leaders are beginning to recognise that a purely siloed approach is directly impacting the ability to harmoniously integrate security practices throughout their organisation. 


In this article, we will explore the common pitfalls that occur in IT teams when it comes to security, and how to bridge the gap between developers and security practitioners effectively. We’ll also share expert advice on how to foster a more cohesive working environment where security becomes foundational. 


The Common Missteps of IT Teams in Addressing Security


IT teams have a lot on their plate. They are responsible for designing, developing, and maintaining the technologies that businesses rely on to operate. However, with so many requirements to meet, security can often take a back seat.

Here are some of the most common mistakes:

Lack of Focus on Security Training

While organisations may be proactive in their efforts to ensure their teams have the necessary skills to do their jobs, they often falter in introducing a serious effort towards security training. When it comes to developing an application or standing up a new service, the total focus is all too often functionality, not security. This means that major vulnerabilities may be overlooked, leading to costly breaches and loss of sensitive data. Security measures need to be introduced as part of any project or BAU work, including Change Management practices. There are initiatives and controls like the Secure SDLC (SSDLC) that are both effective and pragmatic, but are often compromised – or even sacrificed entirely – in the name of expediting time-to-ship.


Overlooking Simple Security Measures

Often, the biggest cybersecurity lapses come down to simple oversights. Ports that are forgotten, old subdomains pointing to irrelevant assets, and outdated SSL certificates are all examples of overlooked yet easily addressed security issues. This is particularly apparent in development environments. It is these simple things that can lead to catastrophic security events.

Bridging the Gap: Advice from Experts


Bringing together developers and security practitioners is critical, but easier said than done. Here are some tips from experts in the industry on how to achieve a harmonious working environment where both sides can learn from each other:


Share Knowledge and Expertise

By sharing expertise and knowledge, teams can better understand each other’s respective roles and responsibilities. Encouraging developers to be interested in security is vital, and this can be achieved by security practitioners demonstrating explicitly how their code (or the project) can be compromised, and showcasing how measures to prevent similar attacks can be implemented in their own projects. Likewise, security practitioners should make an effort to understand how both infrastructure and development are evolving, and how this may impact security.


Collaborate on Security Strategy

IT teams and security practitioners need to work together closely to develop an effective security strategy. This should involve reviewing the infrastructure from the attacker’s point of view, identifying vulnerabilities, and addressing them proactively.




The importance of bridging the gap between developers and security practitioners has never been more apparent. The increasing complexity of IT roles and specialised fields means that it’s becoming harder to create secure and reliable infrastructures. By uniting both sides together through shared values, knowledge, and expertise, organisations can better address security issues and prevent costly breaches. Collaboration is the key to creating a cohesive environment where security is at the forefront of everyone’s minds.

Share This