Solutions

  • Products
  • Use Cases
  • Industries
  • WHITE PAPER
  • HR and IT better together
  • Boost productivity and attract quality talent with great employee experiences.
  • EBOOK
  • 5 steps to transformation
  • A proactive, connected client experience is essential for financial services.

Platform

  • ANALYST REPORT
  • The value of digital workflows
  • Get apps to market in half the time at a third of cost with higher satisfaction.

Customers

  • SUCCESS NAVIGATOR
  • Your prescription for success
  • Accelerate outcomes with a step-by-step action plan of proven best practices.

Explore

  • VALUE CALCULATOR
  • Live up to your potential
  • Determine the untapped value across your entire business in just 60 seconds.

The CISO’s 2018 Resolution: Security Orchestration and Automation


Web

It’s that time of the year again when we set resolutions to create better communities and selves. Many of us will resolve to do more and to do better, and, for a time, we will.  With most resolutions, however, human nature inevitably sets in.  We fall back to our old habits, while that new treadmill starts to gather a layer of dust.

Why are resolutions so hard to keep?  Psychologists and sociologists have a lot of theories, but if we look at the obvious, it’s because they are usually focused on things we’re not good at.   Whether it’s skipping dessert, coming home from work earlier, or calling your mother more often – resolutions are all things that take muscle memory and practice.

Security response works the same way.  Despite massive investment, it still takes an average of 191 days to detect a threat and another 66 to contain it.  We know vulnerabilities will need to be patched, but today it takes significant research to determine which ones have the highest potential to impact your company.  At the same time, security teams are overwhelmed and understaffed, and the shortage of qualified security personnel is only expected to increase.  In 2018, we need to make security work better to reduce the almost-daily cascade of breaches we saw in 2017.

We know what we need to do.  More importantly, we now have the tools and approaches to do it. Gartner recently published a report calling on leaders to consider investing in Security Orchestration, Automation and Response (SOAR) technologies.  Gartner predicts that “by the end of 2020, 15% of organizations with a security team larger than five people will leverage SOAR tools for orchestration and automation reasons, up from less than 1% today*.”

Gartner goes on to say that “SOAR supports multiple activities for security operations decision making such as: prioritizing security operations activities formalizing triage and incident response and automating containment workflows.”*

Source: Gartner (November 2017)

I agree and in my experience these benefits can have enormous business impact for clients.  Let’s look at each one in turn.

  1. Prioritizing operations activities. SOAR technologies should combine numerous data inputs from security detection tools, threat intel feeds, third party data sources, and the IT asset database to identify not only where there is a threat – but its risk compared to others in the queue.
  2. Formalizing triage and incident response. With SOAR, everyone can be a superhero, not just a select few.  Through playbooks and pre-defined workflows, ServiceNow can help any analyst more quickly assess and begin to remediate security incidents based on best practices.  This is critical as we continue to face shortages for security skills in 2018 and beyond.
  3. Automating workflows: Use SOAR technologies to automate the first, repeatable (and often mundane) steps in containment and analysis. Then the analyst can make a decision based on the automated investigation.  Not only does this significantly speed time to resolution, it frees up analysts to work on more complex issues.
  4. Creating transparency and a common business language – – ok, I added this one… but great SOAR tools should also give the CISO and SOC director unprecedented transparency to all aspects of the security environment. Through dashboards and visualization techniques, CISOs will be more easily able to communicate with senior management which vulnerabilities and threats exist and the risks of inaction.

In 2018, improving security response is a resolution you can keep.  In fact, it may even free up enough time for you to keep your resolution to get to the gym more often, too.

author byurllist dam nohup.out none_report readme run temp test test.html urllist urllist_backup urllist_full wpreport.csv Gartner Innovation Insight for Security Orchestration, Automation and Response, Claudio Neiva, Craig Lawson, Toby Bussa, Gorka Sadowki, 30 November 2017.

 

Topics

Featured

  • Implementing agile IT service management on a cutting-edge platform
    10-16-2019 ServiceNow customer, Danske Bank, adopted a strategic approach in their service management team. As the largest bank in Denmark and a major retail bank in the Nordics region, they serve 3.5 million retail customers. They have seen tangible evidence of the positive impact of digital workflows and the seamless experiences.
  • Always Be Closing finance
    Service Delivery and Management
    Delivering great service to employees is the first step to improving employee experience
    10-14-2019 The primary audience for HR technology has shifted. It’s no longer HR. They are secondary. Employees are now the primary audience. And while the latest cloud HCM systems can help transform an organization’s HR operations, if you want to improve the employee experience, taking an employee-focused approach to service delivery is the best place to start.
  • At the Tech Lounge, the human touch makes all the difference
    10-11-2019 Director of IT Service Management Mirza Baig and his IT team created the walkup Tech Lounge- a space where employees get personalized attention on complex tech issues. As ServiceNow works on automating many common requests and providing easy to find, self-service options, the IT Support technicians have more time to focus on the tough cases.
  • Strategy
    Lessons from a Top CIO
    10-11-2019 How does a seasoned CIO lead a digital transformation? She makes friends. Great ideas aren’t enough for a CIO to succeed in leading a digital transformation, says Teri Takai, the former CIO of the U.S. Department of Defense, the states of California and Michigan, as well as Meridian Health Plan. In her 40+ year career, she has had to build consensus, prioritize projects that would advance the organization’s overall goals, communicate often, and practice a lot of patience. Read more tips from Takai on WorkflowQuarterly.com, as well as other CIOs, or watch the embedded video.

Trends & Research

How to please customers at scale
Why employee service delivery matters
How to identify your company’s secret influencers

Year