Week 4 highlights from Knowledge 2020


Week 4 highlights from Knowledge 2020

Week 4 at Knowledge 2020 expanded the virtual gathering’s breadth and depth, especially when it came to several IT Workflows sessions by top companies around the world. Here are a few highlights from key presentations. (Be sure to register or sign in to get access to everything below.)

Streamlined risk management at Unisys
Global solutions provider Unisys juggles more than 1,000 active projects with customers at any given time. Maintaining data security within each of those projects is a huge priority—and a complex workflow challenge. “We deliver secure digital solutions to the most demanding businesses around the globe,” explained Unisys senior director of GRC, Seshadri PS, in his session with Iceberg Network’s Andrew Vesay.  “Security is the center of everything we do.”

Unisys’s GRC processes, however, were bogged down by manual tasks, such as making updates and changes in Excel files. Managers lacked a standardized, digital process for risk review. “There was no clear visibility between risk and compliance,” said PS.

Unisys worked with Iceberg to implement ServiceNow’s GRC platform, which solved multiple issues, from automating data intake to installing real-time risk monitoring. While ServiceNow technology enables that today, cultural change proved to be a critical success factor, said PS. The implementation team created webinars for customer project managers, built tutorials and FAQs, and coordinated internal launch communications.

Those strategies “allowed them to learn so they’re able to carry out projects themselves,” he said. “You can do all these technical things, but if you don’t have organizational change, implementation isn’t going to be strong.”

Watch the full session: Rapid security breach isolation with Unisys Stealth and ServiceNow SecOps
 

Anne Kristine Naess


A first for third-party risk management
Financial services companies today must manage a “massive volume of third parties,” explained Tobias Aabel, vendor security manager at DNB, Norway’s largest financial services group. For DNB, the list of third-party firms it manages runs into the thousands and includes distributors, partners, vendors, outsourcing firms, consultants, and others.

Facing a steady stream of new regulatory requirements, such as the European Union’s GDPR regulations, which went into effect in 2018, DNB struggled to balance increasing dependence on third parties with the types of escalating risks they present—from supply chain cyberattacks and financial stability to money laundering. “Who’s in trouble when these third parties mess up?” asked Aabel. “That would be you.”

Enter ServiceNow Vendor Risk Management, which DNB worked to implement with digital integration firm Sopra Steria. Among other functions, the Now platform gives DNB a 360-type tool to digitally manage vendor contract management and signing, and allows risk managers to run multiple existing VRM processes through a new third-party risk portal.

“You’ve placed significant values in the hands of your third parties,” Aabel said. “You have to make sure you can really trust them.”

Watch the full session: DevOps and ITSM: From clash of cultures to happy coexistence
 

Dusan Vignjevic


Real-time threat intelligence at NCR
Thousands of companies today are challenged to make a critical shift in cybersecurity operations—from reactive processes to proactive ones, using digital threat intelligence to handle vulnerability management.

That has been the focus of recent efforts at NCR, a top digital solutions provider to financial, retail, travel, telecom and technology companies around the world. NCR cyber threat intelligence lead Dusan Vignjevic, explained in an IT Workflow session how new, real-time threat intelligence, enabled by ServiceNow, has helped NCR “to prioritize vulnerabilities, and find those needles in the haystack.”

Before NCR implemented ServiceNow, security teams struggled with manual processes for reporting and threat tracking, inconsistent data, and a rising volume of overall threats. The new system, by contrast, provides automated reporting that saves time, tracks false positives and exceptions, and gives managers a unified dashboard and easy visibility into key security metrics.

Not only has the new system lowered overall risk for NCR, the real-time data helps security analysts succeed at higher-level tasks. As NCR IT consultant Rajanikanta Dash explained, ServiceNow “helps analysts make good decisions to elevate patching of any important vulnerability.”

Watch the full session: How NCR built a proactive security program leveraging automation and Threat Intelligence

Topics

  • ServiceNow employees planting trees
    Culture
    Planting trees and growing community
    We partnered to coordinate 12 tree-planting and plant restoration projects around the world. Find out why and ServiceNow employees’ views of the experience.
  • Customer service: smiling businessman on phone walking outdoors
    Customer Experience
    Survey: 3 tips to deliver world-class customer service
    Customer experience and customer service go hand in hand. You can’t deliver consumer-grade experiences without great customer service. Learn three tips.
  • Data augmentation for intent classification with Large Language Models
    Research
    Data augmentation for intent classification with off-the-shelf large language models
    Off-the-shelf large language models like GPT-3 look promising to generate training data even for complex classification setups like intent classification.

Trends & Research

  • Customer service: smiling businessman on phone walking outdoors
    Customer Experience
    Survey: 3 tips to deliver world-class customer service
  • Forrester Wave Leader 2022 Third-Party Risk Management Platforms
    Cybersecurity and risk
    Forrester says ServiceNow is a Leader in third-party risk management
  • Cybersecurity: man sits on train bench with a tablet
    Cybersecurity and risk
    Survey: Cybersecurity requires risk-based management approach

Year