This resource is no longer available
Tough Love: When IT Security Hurts Your Business
As IT commoditization continues to increase audit and control activities, IT gets better at identifying and documenting the causes of significant outages. IT organizations are using ITSM (IT service management based on ITIL) to make the source of many IT failures clear, and they use Business Service Management (BSM) to understand what the customer impact might be for any changes proposed.
ITIL, and even more so BSM, is all about taking one's cue from the business and what is best for the enterprise, and creating processes that confirm business impacts before making any changes. Aligning with business means understanding the business and helping understand the ramifications of decisions.
In an increasing number of cases, these ITIL efforts show the source of the outage to be action from the security department, and the BSM processes show the impact to be devastating in some cases. Unfortunately, it seems as if, in many companies, security staffs do not take advantage of existing IT processes, nor do they understand the impact on the business of the systems they police.