Project Description
Industry: Financial $25B+ 7,000+ locations, 150,000 Employees
Size: Large
ServiceNow Products Implementation : ServiceNow CMDB, CSDM, SecOps, SIR, VR
Customer Quotes
“We were missing 99% of the security events in the organization.” (3-4 million per day)
“We were going into <other sources> and just digging information out.”
“Everything was manual.” Fragmented detection and incomplete policies for event handling
“We weren’t keeping up.” (When the team arrived, there were 12 million open security incidents)
Project Overview
This large, distributed enterprise needed to get control over their security operations. They faced dire consequences for strict regulatory non-compliance, customer reputation, as well as a mountain of security threats. The customer had multiple security platforms with no single place to gather threat intelligence or see security events. When ConfigureTek arrived on-site, the customer had 12 million open security incidents, was missing 99% of security events, and facing severe compliance penalties.
ConfigureTek’s Approach
Collaborating closely with security personnel across the organization, ConfigureTek spearheaded an implementation project aimed at tackling key security objectives. This initiative focused on unlocking comprehensive visibility into the security landscape, consolidating security events through integrations, automating threat intelligence processes, efficiently prioritizing cases to optimize human resources, and promptly meeting security compliance requirements to mitigate potential threats. The successful execution of this ServiceNow project leveraged SecOps Security Incident Response (SIR) and Vulnerability Response (VR) modules, emphasizing privacy, vulnerability management, malware detection, phishing prevention, security incident response enhancement, workflow streamlining, and automation integration for a holistic approach to enhancing security measures.
Results
One of our numerous successful SecOps implementations showcases immediate visibility into millions of security events daily, effectively reducing case backlogs through automation. The introduction of new event handling processes has significantly slowed backlog growth, while the For-Your-Eyes-Only team has experienced enhanced productivity and efficiency gains. Achieving auditory and audit compliance, the implementation has led to a 50% decrease in human intervention for security incidents and a notable 30-80% reduction in Mean Time to Resolution (MTTR) for such incidents. Notably, the project was completed within the designated time frame and budgetary constraints, demonstrating a comprehensive and successful integration of security operations measures.
