






















Drive has 700+ articles for digital transformation leaders written by StarCIO Digital Trailblazer, Isaac Sacolick. Learn more.
I covered the explosion of AIOps tools several years ago, pre-genAI, and considered whether it marked the beginning of a potential convergence between ITOps and SecOps. I concluded back then that the leadership, cultural, and operational differences between these two functions were too deep a moat to bridge.

But I started to feel differently a few months ago while attending Tanium’s Converge conference. I wrote about Jump Gate as a breakthrough technology after the event, and the full conference experience renewed my interest in whether AI capabilities are now driving and possibly accelerating convergence.

“ITOps and SecOps have to work together, with the same data, and sitting at the same table, because it’s not going to work well in silos,” says Harman Kaur, SVP technology strategy and AI at Tanium.
Harmun explained to me that Tanium branded its conference, Converge, ten years ago and aims to help businesses improve reliability and security more efficiently.
“The convergence between ITOps and SecOps is already happening, and those who don’t get on board will get leapfrogged,” says Tim Morris, chief security advisory for the Americas at Tanium. “When you have a new technology like AI, you find ways to do things better, faster, and more efficiently. But along the way, people figure out and do the work completely differently, asking questions like, ‘How do we avoid the process?’ or ‘Why is the process there to begin with?’ There will be groups that figure out how to manage all of their ITOps and SecOps functions together.”
What can we learn about the potential and challenges of an ITSecOps by reviewing the convergence to DevOps?
Looking back, there were clear motivators for why Dev and Ops became DevOps and later DevSecOps. I wrote about DevOps in 2015, when it was dev versus ops in many enterprises, with dev pushing innovation and ops driving stability. Cloud computing, tools such as CI/CD and IaC, and observability practices are part of the operational backbone that enables DevOps.
Some companies brought Dev and Ops responsibilities under a single agile team. In practice, this worked well for smaller teams deploying microservices built on cloud-native architectures. The operational and organizational convergence is much more challenging in complex environments, in large enterprises, with legacy systems, or where regulations require separation of duties.
Tanium sees the convergence opportunity. So does Insight, a global solutions and systems integrator.
“The historical wall between ITOps and SecOps is collapsing as we move toward a unified toolchain where security and reliability are managed through the same automated workflows,” says John Giglio, director of cloud security at Insight. “By converging these processes, teams can eliminate redundant monitoring silos and ensure that security is an inherent feature of the infrastructure rather than an afterthought.”
Efficiency is one driver. Convergence can also improve outcomes and reduce risks.
“In a time when zero-day vulnerabilities are exploited before we even know about them, we have to build security in before deployment, and the only way to do that is to integrate our teams,” says Rocky Giglio, director, security GTM and solutions at Insight. “One of the core tenets of good security is ‘automation everywhere,’ and this is where code-driven infrastructure and security enable better collaboration and more secure deployments from day one.”
Will we see more enterprises go the ITSecOps route? Pragmatists see convergence in tools and data, but not responsibilities or practices.
“IT Ops and SecOps won’t merge, but their stacks have to, says Eric Tschetter, chief architect at Imply. “ITOps owns reliability. SecOps owns risk; their decision rights must stay separate, but the data can’t because the same signal that flags an outage may also indicate a security incident. As AI floods systems with more data and faster incidents, both teams need a shared, real-time, searchable data layer so they can investigate from the same source of truth without changing workflows, slowing response times, or driving up costs.”
Weldon Dodd, distinguished engineer at Iru, adds, “It is not only useful, but a natural and inevitable consequence of the adoption of hybrid work, mobile devices, and cloud apps that security, identity, application, and device management should come together in integrated tools that provide IT teams with better efficiency, reliability, and visibility across the enterprise.”
AI agents may be the bridge that helps simplify alignment beyond data and tools.
“Instead of navigating 15 tabs and 8 SaaS tools, employees direct AI agents that handle complexity on their behalf,” says Andy Berman, CEO and co-founder at Runlayer. “The real story is the collapse between intent and execution—an employee says what they need, an agent does it, and the platform governs every step.”

Here’s where I net out today, on the question and opportunities around convergence.
Resiliency requires strong ops and secure practices. Business executives see this as one mission with many technical and operational underlying complexities. Tools and data should drive convergence, but emerging tech like AI, changing regulations, and growth priorities will create convergence challenges.
Convergence may be too idealistic, but Digital Trailblazers in Ops and Security roles will drive it in the easy, most beneficial areas.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。