Tina continues: "Because the core of the ServiceNow® Security Incident Response application is built on the NIST framework, we could automate our existing manual processes, giving us the end-to-end visibility and control we needed to reduce risk.”
York goes live with ServiceNow in just six weeks
With the help of CareWorks Tech, a ServiceNow Silver partner, York launched ServiceNow Security Operations in just six weeks. This initial phase included automating security incident response workflows, creating a security service catalog, and integrating with York’s Tanium endpoint management system.
“By leveraging CareWorks Tech’s expertise and engaging with our internal security, helpdesk, and infrastructure stakeholders, we went live successfully in a very short time,” Tina recalls.
Now, ServiceNow automates York’s complete security incident response process, managing and tracking security incidents throughout the entire lifecycle. “With ServiceNow, we can see exactly what’s happening with each security incident—where it’s at and who’s working on it,” says Tina. “We’ve now got SLAs to manage our response times, and ServiceNow lets us know if things go off track.”
ServiceNow accelerates security incident response
ServiceNow hasn’t just automated incident response—it’s accelerated it. Tina explains, “We’ve seen our response times go down now that our security incidents are assigned automatically—with no bouncing around from team to team. When our security team needs IT to remediate an issue, they simply fire off a catalog item, rather than spending time working their way through the helpdesk. That’s why it’s important to have security and IT teams working together on a single platform.”
York simplifies audits and creates customer trust
As well as strengthening York’s security incident response capabilities, ServiceNow has also simplified auditing and helped build customer confidence. “Now, we have a full audit trail for each security incident, along with reporting that shows our overall stance,” Tina says. “That makes it much easier to show our internal and external auditors that we’re complying with stringent regulatory requirements, such as HIPAA and New York State’s Cybersecurity Regulation.”
ServiceNow provides a comprehensive security operations solution
York is already expanding its ServiceNow Security Operations solution. For example, it is in the process of launching vulnerability management, including integrating with a Tenable Nessus vulnerability scanner, sending remediation requests to the right owners and tracking through final resolution. York also plans to extend ServiceNow integration to other security systems.
Summing up the value of ServiceNow Security Operations, Tina concludes, “Most security teams have multiple tools that deliver critical value. However, unless you can consolidate the data from all of your security tools and drive repeatable, reliable security response processes around it, there’s a huge gap. That’s what ServiceNow does for us, helping to ensure that we have the mature security stance our clients deserve.”