STARCIO

drive digital transformation

STARCIO

StarCIO Drive: Agility, Innovation, Transformation
Drive: Agility, Innovation, Transformation

Welcome to Drive

Drive has 700+ articles for digital transformation leaders written by StarCIO Digital Trailblazer, Isaac Sacolick. Learn more.

Will Agentic AI Drive the Convergence of ITOps and SecOps

I covered the explosion of AIOps tools several years ago, pre-genAI, and considered whether it marked the beginning of a potential convergence between ITOps and SecOps. I concluded back then that the leadership, cultural, and operational differences between these two functions were too deep a moat to bridge.

ITOps SecOps Convergence

But I started to feel differently a few months ago while attending Tanium’s Converge conference. I wrote about Jump Gate as a breakthrough technology after the event, and the full conference experience renewed my interest in whether AI capabilities are now driving and possibly accelerating convergence.

ITOps + SecOps = ITSecOps?

Welcome to Tanium Converge

 “ITOps and SecOps have to work together, with the same data, and sitting at the same table, because it’s not going to work well in silos,” says Harman Kaur, SVP technology strategy and AI at Tanium.

Harmun explained to me that Tanium branded its conference, Converge, ten years ago and aims to help businesses improve reliability and security more efficiently. 

“The convergence between ITOps and SecOps is already happening, and those who don’t get on board will get leapfrogged,” says Tim Morris, chief security advisory for the Americas at Tanium. “When you have a new technology like AI, you find ways to do things better, faster, and more efficiently. But along the way, people figure out and do the work completely differently, asking questions like, ‘How do we avoid the process?’ or ‘Why is the process there to begin with?’ There will be groups that figure out how to manage all of their ITOps and SecOps functions together.”

Learning from how/when Dev + Ops = DevOps

What can we learn about the potential and challenges of an ITSecOps by reviewing the convergence to DevOps?

Looking back, there were clear motivators for why Dev and Ops became DevOps and later DevSecOps. I wrote about DevOps in 2015, when it was dev versus ops in many enterprises, with dev pushing innovation and ops driving stability. Cloud computing, tools such as CI/CD and IaC, and observability practices are part of the operational backbone that enables DevOps.

Some companies brought Dev and Ops responsibilities under a single agile team. In practice, this worked well for smaller teams deploying microservices built on cloud-native architectures. The operational and organizational convergence is much more challenging in complex environments, in large enterprises, with legacy systems, or where regulations require separation of duties.

Unified data, tools, and AI agents are the enablers

Tanium sees the convergence opportunity. So does Insight, a global solutions and systems integrator.

“The historical wall between ITOps and SecOps is collapsing as we move toward a unified toolchain where security and reliability are managed through the same automated workflows,” says John Giglio, director of cloud security at Insight. “By converging these processes, teams can eliminate redundant monitoring silos and ensure that security is an inherent feature of the infrastructure rather than an afterthought.”

Efficiency is one driver. Convergence can also improve outcomes and reduce risks.

“In a time when zero-day vulnerabilities are exploited before we even know about them, we have to build security in before deployment, and the only way to do that is to integrate our teams,” says Rocky Giglio, director, security GTM and solutions at Insight. “One of the core tenets of good security is ‘automation everywhere,’ and this is where code-driven infrastructure and security enable better collaboration and more secure deployments from day one.”

Pragmatic views on what areas of ITOps and SecOps can converge

Will we see more enterprises go the ITSecOps route? Pragmatists see convergence in tools and data, but not responsibilities or practices.

 “IT Ops and SecOps won’t merge, but their stacks have to, says Eric Tschetter, chief architect at Imply. “ITOps owns reliability. SecOps owns risk; their decision rights must stay separate, but the data can’t because the same signal that flags an outage may also indicate a security incident. As AI floods systems with more data and faster incidents, both teams need a shared, real-time, searchable data layer so they can investigate from the same source of truth without changing workflows, slowing response times, or driving up costs.”

Weldon Dodd, distinguished engineer at Iru, adds, “It is not only useful, but a natural and inevitable consequence of the adoption of hybrid work, mobile devices, and cloud apps that security, identity, application, and device management should come together in integrated tools that provide IT teams with better efficiency, reliability, and visibility across the enterprise.”

AI agents may be the bridge that helps simplify alignment beyond data and tools.

“Instead of navigating 15 tabs and 8 SaaS tools, employees direct AI agents that handle complexity on their behalf,” says Andy Berman, CEO and co-founder at Runlayer. “The real story is the collapse between intent and execution—an employee says what they need, an agent does it, and the platform governs every step.”

MPOV on ITOps and SecOps convergence

Schedule a free advisory session with Isaac

Here’s where I net out today, on the question and opportunities around convergence.

  • Leaders must drive convergence in incident management, vulnerability management, and change management through aligned objectives, centralized data, and unified practices. Some tools or views will remain specific to ops and security roles, but during major incidents, these functions must operate as one team.
  • SMBs have the opportunity to improve security and operational resiliency by partnering with MSSPs that offer converged ITOps and SecOps services.
  • Driving convergence in areas like asset management, configuration management, data protection, IAM, and even EDR/XDR is possible, but optimistic. It requires strong leadership to align practices beyond tools and data.
  • AI Agents can help drive convergence, but will also create new operational responsibilities and security risks that are moving targets. Convergence of ITOps and SecOps may take a longer path as many organizations race toward AI capabilities and ROI, and are likely to accumulate tech, ops, security, and talent debt.
  • Many other areas will remain domain-specific. SecOps will remain responsible for areas like security policies, threat intelligence, and security forensics. ITOps will continue managing infrastructure lifecycles, systems automation, EUC, and service desk.

Resiliency requires strong ops and secure practices. Business executives see this as one mission with many technical and operational underlying complexities. Tools and data should drive convergence, but emerging tech like AI, changing regulations, and growth priorities will create convergence challenges.

Convergence may be too idealistic, but Digital Trailblazers in Ops and Security roles will drive it in the easy, most beneficial areas.    

Published on:

Topics:

, , , , , ,

Share on:

Leave a Reply

StarCIO

My company, StarCIO, provides leadership, learning, and advisory programs for companies looking to accelerate delivering business value from digital transformation. Contact me if you’d like to learn more about partnering opportunities.

Isaac Sacolick

Join us for a future session of Coffee with Digital Trailblazers, where we discuss topics for aspiring transformation leaders. If you enjoy my thought leadership, please sign up for the Driving Digital Newsletter and read all about my transformation stories in Digital Trailblazer.

Coffee with Digital Trailblazers hosted by Isaac Sacolick

Digital Trailblazers! Join us Fridays at 11am ET for a live audio discussion on digital transformation topics:  innovation, product management, agile, DevOps, data governance, and more!

Join the Community of StarCIO Digital Trailblazers

About Drive

Drive Agility, Innovation, Transformation

Drive is the blog for digital transformation leaders brought to you by StarCIO and Isaac Sacolick.

Agility, Innovation, and Transformation are the three primary digital transformation core competencies that every StarCIO Digital Trailblazer must champion in their organizations. Learn more About Drive.

About the StarCIO Digital Trailblazer Community

StarCIO Digital Trailblazer Community

Revolutionizing traditional learning, networking, and advising experiences.

Visit the community

About StarCIO

StarCIO

About Isaac Sacolick

Isaac Sacolick

Author, 1,200+ articles, keynote speaker, Chief StarCIO Digital Trailblazer. Full bio

Driving Digital Newsletter

Driving Digital Newsletter

StarCIO Guides

StarCIO Agile Planning Guides

Digital Trailblazer

Digital Trailblazer by Isaac Sacolick

Driving Digital

Driving Digital by Isaac Sacolick

Driving Digital Standup

Driving Digital Standup

Coffee with Digital Trailblazers

StarCIO Coffee With Digital Trailblazers

Recognition

reworked imapct awards 2026 Judge
InfoWorld 2025 Judge
InfoWorld Technology of the Year 2024 Judge
Thinkers360 Top 10 in IT Leadership
Thinkers360 Top Agile Thought Leader
Thinkers360 Top DevOps Leader
Thinkers360 Top in Digital Transfomation
Thinkers360 Top in Analytics
Thinkers360 Top in Product Management

Discover more from StarCIO Digital Trailblazer Community

Subscribe now to keep reading and get access to the full archive.

Continue reading