May 10, 2017 08:00 AM Eastern Daylight Time
ORLANDO, Fla.--(BUSINESS WIRE)--KNOWLEDGE17 – ServiceNow (NYSE: NOW) today announced Trusted Security Circles, a new cloud-based application that gives enterprises the ability to share and receive hyper-relevant threat intelligence in near real-time. Security teams have been fighting threats in isolation. Sharing information about threats would expose to the world that they were under attack. Now, security teams can ask trusted peers, suppliers and partners about threats and how dangerous they are. Organizations can control the way they share, what they share and whom they share with—including being fully anonymous. Enterprises can be forewarned of targeted attacks and can contribute to the safety of the community. Also today ServiceNow is announcing Vendor Risk Management, enabling organizations to shut the door on third-party risk.
On average, bad actors took about a month to exploit a vulnerability, with half of all first exploitation attempts having occurred within a period of between 10 and 100 days*. Since attackers often use the same exploits against multiple targets in an industry or community, sharing threat intelligence with peers could give others lead time to thwart similar attacks in their own networks.
“Securely and anonymously sharing active threat data with trusted peers has simply not been possible,” said Sean Convery, general manager, Security Business Unit, ServiceNow. “Now, security analysts are no longer alone. ServiceNow enables enterprises to apply the power of collaboration to proactively avert attacks.”
With Trusted Security Circles, a security team may see suspicious activity in their network and will want to know if others in their defined community have also seen it. An anonymous query goes to other members of the chosen circle, and a sightings search is performed against the specified suspicious observables. Customers now know if a security incident they’re investigating is happening to any peers, partners or suppliers. If the number of sightings exceeds a set threshold, a security incident can be automatically opened in ServiceNow Security Operations. This serves as an early warning system for industry-specific, targeted attacks. It can speed up response and shore up an entire supply chain from attacks.
“Having a systematic approach to sharing threat intelligence is important for IT and Security teams to remediate threats within their own company,” said Bart Murphy, CTO, CareWorks Family of Companies. “Now there’s a way to extend that insight to trusted peers. Cloud computing helps make this possible. No one needs to open up their data center.”
ServiceNow Vendor Risk Management
Today ServiceNow also announced Vendor Risk Management, a new cloud-based application enterprises can use to automate third party risk, onboard new vendors more quickly and gain visibility of their overall risk posture. Nearly every organization works with hundreds or even thousands of different vendors, many of whom may be handling or have access to sensitive data. Teams typically use manual, outdated processes to assess the risk of working with these third parties, causing potential compromise of confidential information. Vendor Risk Management transforms these inefficient practices into a centralized system of action that orchestrates the process of assessing the risk of working with a vendor.
With Vendor Risk Management, organizations can now automate the third-party risk management process, ensuring quality and effectiveness of assessment controls. They can onboard new vendors much more quickly, allowing them to get value from their vendors more quickly. And finally, when combined with a broader risk management program, an organization can get a complete view of their overall risk and a systematic way to take action to reduce it.
Both ServiceNow Trusted Security Circles and Vendor Risk Management will be available in third quarter of 2017.
Your enterprise needs to move faster, but lack of process and legacy tools hold you back. Every day, thousands of customer requests, IT incidents, and HR cases follow their own paths—moving back and forth between people, machines and departments. Unstructured. Undocumented. Unimproved for years. With the ServiceNow® System of Action™ you can replace these unstructured work patterns of the past with intelligent workflows of the future. Now every employee, customer and machine can make requests on a single cloud platform. Every department working on these requests can assign and prioritize, collaborate, get down to root cause issues, gain real-time insights and drive to action. Your employees are energized. Your service levels improve. And you realize game-changing economics. Work at Lightspeed™. To find out how, visit www.servicenow.com.
* 2016 Verizon Data Breach Investigations Report
© 2017 ServiceNow, Inc. All rights reserved. ServiceNow, the ServiceNow logo, and other ServiceNow marks are trademarks and/or registered trademarks of ServiceNow, Inc., in the United States and/or other countries. Other company and product names may be trademarks of the respective companies with which they are associated.