ServiceNow Launches Trusted Security Circles
August 2017 by Marc Jacob
ServiceNow has announced Trusted Security Circles, a new cloud-based application that gives enterprises the ability to share and receive hyper-relevant threat intelligence in near real-time. Security teams have been fighting threats in isolation. Sharing information about threats would expose to the world that they were under attack. Now, security teams can ask trusted peers, suppliers and partners about threats and how dangerous they are. Organizations can control the way they share, what they share and whom they share with — including being fully anonymous. Enterprises can be forewarned of targeted attacks and can contribute to the safety of the community. In addition to Trusted Security Circles, ServiceNow is announcing Vendor Risk Management.
On average, bad actors took about a month to exploit a vulnerability, with half of all first exploitation attempts having occurred within a period of between 10 and 100 days. Since attackers often use the same exploits against multiple targets in an industry or community, sharing threat intelligence with peers could give others lead time to thwart similar attacks in their own networks.
With Trusted Security Circles, a security team may see suspicious activity in their network and will want to know if others in their defined community have also seen it. An anonymous query goes to other members of the chosen circle, and a sightings search is performed against the specified suspicious observables. Customers now know if a security incident they’re investigating is happening to any peers, partners or suppliers. If the number of sightings exceeds a set threshold, a security incident can be automatically opened in ServiceNow Security Operations. This serves as an early warning system for industry-specific, targeted attacks, can speed up response and shore up an entire supply chain from attacks.
ServiceNow Vendor Risk Management
ServiceNow has also announced the availability of Vendor Risk Management, a new cloud-based application enterprises can use to automate third party risk, onboard new vendors more quickly and gain visibility of their overall risk posture. Nearly every organization works with hundreds or even thousands of different vendors, many of whom may be handling or have access to sensitive data. Teams typically use manual, outdated processes to assess the risk of working with these third parties, causing potential compromise of confidential information. Vendor Risk Management transforms these inefficient practices into a centralized system of action that orchestrates the process of assessing the risk of working with a vendor.
With Vendor Risk Management, organizations can now automate the third party risk management process, ensuring quality and effectiveness of assessment controls. They can onboard new vendors much more quickly, allowing them to get value from their vendors more quickly. And finally, when combined with a broader risk management program, an organization can get a complete view of their overall risk and a systematic way to take action to reduce it.