ServiceNow Launches Trusted Security Circles
Now Security Analysts Are No Longer Alone in the War Against Cyber Threats
ORLANDO, Fla.--(BUSINESS WIRE)--May 10, 2017-- KNOWLEDGE17
ServiceNow (NYSE: NOW) today announced Trusted Security Circles, a new cloud-based application that gives enterprises the ability to share and receive hyper-relevant threat intelligence in near real-time. Security teams have been fighting threats in isolation. Sharing information about threats would expose to the world that they were under attack. Now, security teams can ask trusted peers, suppliers and partners about threats and how dangerous they are. Organizations can control the way they share, what they share and whom they share with—including being fully anonymous. Enterprises can be forewarned of targeted attacks and can contribute to the safety of the community. Also today ServiceNow is announcing Vendor Risk Management, enabling organizations to shut the door on third-party risk.
ServiceNow Trusted Security Circles is a new cloud-based application that gives enterprises the ability to share and receive hyper-relevant threat intelligence in near real-time. With this new solution, security teams can ask their peers, suppliers and partners about threats, so they can be forewarned of targeted attacks and proactively make preparation to ensure the safety of their community. (Graphic: Business Wire)
On average, bad actors took about a month to exploit a vulnerability, with half of all first exploitation attempts having occurred within a period of between 10 and 100 days*. Since attackers often use the same exploits against multiple targets in an industry or community, sharing threat intelligence with peers could give others lead time to thwart similar attacks in their own networks.
“Securely and anonymously sharing active threat data with trusted peers has simply not been possible,” said Sean Convery, general manager, Security Business Unit, ServiceNow. “Now, security analysts are no longer alone. ServiceNow enables enterprises to apply the power of collaboration to proactively avert attacks.”
With Trusted Security Circles, a security team may see suspicious activity in their network and will want to know if others in their defined community have also seen it. An anonymous query goes to other members of the chosen circle, and a sightings search is performed against the specified suspicious observables. Customers now know if a security incident they’re investigating is happening to any peers, partners or suppliers. If the number of sightings exceeds a set threshold, a security incident can be automatically opened in ServiceNow Security Operations. This serves as an early warning system for industry-specific, targeted attacks. It can speed up response and shore up an entire supply chain from attacks.
“Having a systematic approach to sharing threat intelligence is important for IT and Security teams to remediate threats within their own company,” said Bart Murphy, CTO, CareWorks Family of Companies. “Now there’s a way to extend that insight to trusted peers. Cloud computing helps make this possible. No one needs to open up their data center.”
ServiceNow Vendor Risk Management
Today ServiceNow also announced Vendor Risk Management, a new cloud-based application enterprises can use to automate third party risk, onboard new vendors more quickly and gain visibility of their overall risk posture. Nearly every organization works with hundreds or even thousands of different vendors, many of whom may be handling or have access to sensitive data. Teams typically use manual, outdated processes to assess the risk of working with these third parties, causing potential compromise of confidential information. Vendor Risk Management transforms these inefficient practices into a centralized system of action that orchestrates the process of assessing the risk of working with a vendor.
With Vendor Risk Management, organizations can now automate the third-party risk management process, ensuring quality and effectiveness of assessment controls. They can onboard new vendors much more quickly, allowing them to get value from their vendors more quickly. And finally, when combined with a broader risk management program, an organization can get a complete view of their overall risk and a systematic way to take action to reduce it.
Both ServiceNow Trusted Security Circles and Vendor Risk Management will be available in third quarter of 2017.