Case Study

UST helped global data company reduce security breaches to zero in just 5 years

After integrating and enhancing its ServiceNow application, our client streamlined vulnerability management, increased security, and risk visibility, and gained immediate benefits. The company saw a 15% improvement in MTTR and an average vulnerability item close rate of 94.44% per week.

Style

Post-info

CLIENT

This global information services company provides critical data and solutions for various industries, including finance, healthcare, legal and compliance. With operations in more than 150 countries, the company employs nearly 20,000 people and generates more than €5 billion in annual revenue.

CHALLENGE

Providing vulnerability analysts with tools and processes to efficiently resolve security issues

The company wanted to boost its security posture by addressing these vulnerability management issues:

Replacing time-consuming spreadsheets and emails—with automations to track, prioritize, triage, and coordinate vulnerabilities
Accelerating the mean time to resolve (MTTR) vulnerabilities—to mitigate security risks
Increasing options to defer vulnerability remediation—to meet and exceed SLA targets
Streamlining the collection of vulnerability remediation proofs—because using emails was cumbersome and time-consuming
Improving end-to-end visibility—to better understand vulnerabilities across the organization, especially the potentially heightened risks of security exceptions

TRANSFORMATION

Integrating and enhancing ServiceNow application to streamline vulnerability management

After a thorough assessment of the client’s vulnerability management challenges, UST implemented a solution that enabled the company to quickly identify, evaluate, and take action on security vulnerabilities. During the engagement, UST:

Integrated ServiceNow with Rapid7 and Orca asset scanners—which automated workflows to assign vulnerabilities to analysts, for analysts to seamlessly track, defer, remediate, and close items, and for analysts to conduct penetration testing
Enhanced ServiceNow with policy and risk module—enabling vulnerability analysts to defer vulnerabilities, which decreased SLA breaches and improved the company’s risk posture
Produced a catalog form—so the vulnerability management team can upload excel files to a database that automatically logs vulnerability items
Revamped the approval process—by adding reference fields in the vulnerable items form and role-based approvals
Designed an intuitive ServiceNow dashboard—to measure performance analytics
Provided 24x7 support—to help resolve operational issues and continuously monitor and optimize application integrations

IMPACT

Achieving immediate benefits to bolster security posture by mitigating vulnerabilities

The successful engagement enabled the vulnerability management team to scan an average of 43,000 assets daily, equating to 100% of the company’s total assets. In addition, the team can now handle an average of 270,000 new vulnerability items per week and 1 million new items per month, with an average close rate of 94.44% per week. The company has also achieved these results:

Reduced security breaches to zero—during the 5-year engagement
Accelerated page load time by 83.33%—from two minutes to 20 seconds
Improved MTTR by 15%—from 45.7 days to 39.8 days

RESOURCES

https://www.ust.com/en/servicenow

https://www.ust.com/en/industries/tmt-technology