Sean Convery, VP and GM, Security & Risk Business Unit at ServiceNow, talks with Jeff Frick at RSA 2019 from the Forescout booth in Moscone North in San Francisco, CA.
#RSAC #Forescout #theCUBE
https://siliconangle.com/2019/03/12/qa-automating-preventive-cybersecurity-servicenow-rsac/
Q&A: Automating preventive cybersecurity at ServiceNow
An evolving tech landscape faces new security risks to decentralized internet of things and mobile endpoints, as well as the increasing amount of sensitive data in the cloud. By employing the use of that data in automated systems that manage the more repetitive work of digital protection, Sean Convery (pictured), vice president and general manager of the Security & Risk Business Unit at ServiceNow Inc., and his team are creating new opportunities for security innovation.
Convery spoke with Jeff Frick (@JeffFrick), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the RSA Conference in San Francisco. They discussed ServiceNow’s new security offerings and how its partnership with Forescout is enabling greater asset management and visibility for end users. (* Disclosure below.)
[Editor’s note: The following answers have been condensed for clarity.]
What’s been going on at ServiceNow in the security space?
Convery: As our customers have started to get into production now with the security capabilities, as well as our risk capabilities, they’re realizing the benefits of having IT, security and risk on the same platform. They’re starting to manage risk in a holistic way by leveraging operational data on the platform.
If you think about what auditors and compliance people need to do, they’re essentially checking the state of all these compliance tasks throughout an organization. All that data is already in ServiceNow. So, how do you now automate? We take all those mundane tasks around compliance and risk and roll that up to clear, visible risk indicators [and] manage that in a continuous way — what we call continuous monitoring for risk.
How [has] … the assessment of risk changed over time?
Convery: The risk profile is going to continue to modify. What’s important for security teams, risk teams, IT teams is to make sure they’re actually using risks … as their North Star for guiding their security investments. You need to be looking at the risks to your organization, the evolving risk as people shift to cloud … and how you guide your security investments in favor of that. What we’re seeing at ServiceNow is a renewed interest in hygiene. Back to basics.
Your teams want to be focused on the interesting parts of their jobs. If they’re dealing with mundane, phishing response, vulnerability prioritization, it takes the wind out of their sails. But if you can automate those mundane tasks using a digital workflow platform like ServiceNow, then suddenly you free that time up so they can be focused on much more advanced attacks where you want the creative humans focused.
One of the best ways to reduce your attack surface is to manage your vulnerability program in an effective way. If you can deal with patching more efficiently … your inflow of incidents reduces. Then you automate the incidents that remain, and suddenly you’ve got massive time savings.
How long have you been working with Forescout? How do the two systems work together?
Convery: We’ve been working with Forescout for a while. We’ve actually got a number of integrations that are live on the ServiceNow store and customers in production using Forescout. On the asset management, asset discovery side of the house, Forescout has a wealth of capabilities around giving us information about endpoint assets, whether they be traditional assets or IoT assets, and we can feed that directly into the CMDB, our configuration management database, to help manage the overall assets within an organization.
[Then] using the security capabilities inside ServiceNow, we can trigger actions inside Forescout’s environment to block, remediate, isolate when we see something bad happening related to an incident or a vulnerability that we discover.
As people are plugging systems in, typically you want to do that in an agentless way. That’s what Forescout’s really known for, discovering, analyzing what these devices are. The more incoming data we have into our CMDB, the more valuable that is to our customers.
....
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the RSA Conference. (* Disclosure: Forescout Technologies Inc. sponsors theCUBE’s coverage of the RSA Conference. Neither Forescout nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSA Conference USA 2019 | San Francisco. If you don’t think you received an email check your
spam folder.
Sign in to RSA Conference USA 2019 | San Francisco.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For RSA Conference USA 2019 | San Francisco
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for RSA Conference USA 2019 | San Francisco.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSA Conference USA 2019 | San Francisco. If you don’t think you received an email check your
spam folder.
Sign in to RSA Conference USA 2019 | San Francisco.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to RSA Conference USA 2019 | San Francisco
Please sign in with LinkedIn to continue to RSA Conference USA 2019 | San Francisco. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Sean Convery, ServiceNow | RSA 2019
Sean Convery, VP and GM, Security & Risk Business Unit at ServiceNow, talks with Jeff Frick at RSA 2019 from the Forescout booth in Moscone North in San Francisco, CA.
#RSAC #Forescout #theCUBE
https://siliconangle.com/2019/03/12/qa-automating-preventive-cybersecurity-servicenow-rsac/
Q&A: Automating preventive cybersecurity at ServiceNow
An evolving tech landscape faces new security risks to decentralized internet of things and mobile endpoints, as well as the increasing amount of sensitive data in the cloud. By employing the use of that data in automated systems that manage the more repetitive work of digital protection, Sean Convery (pictured), vice president and general manager of the Security & Risk Business Unit at ServiceNow Inc., and his team are creating new opportunities for security innovation.
Convery spoke with Jeff Frick (@JeffFrick), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the RSA Conference in San Francisco. They discussed ServiceNow’s new security offerings and how its partnership with Forescout is enabling greater asset management and visibility for end users. (* Disclosure below.)
[Editor’s note: The following answers have been condensed for clarity.]
What’s been going on at ServiceNow in the security space?
Convery: As our customers have started to get into production now with the security capabilities, as well as our risk capabilities, they’re realizing the benefits of having IT, security and risk on the same platform. They’re starting to manage risk in a holistic way by leveraging operational data on the platform.
If you think about what auditors and compliance people need to do, they’re essentially checking the state of all these compliance tasks throughout an organization. All that data is already in ServiceNow. So, how do you now automate? We take all those mundane tasks around compliance and risk and roll that up to clear, visible risk indicators [and] manage that in a continuous way — what we call continuous monitoring for risk.
How [has] … the assessment of risk changed over time?
Convery: The risk profile is going to continue to modify. What’s important for security teams, risk teams, IT teams is to make sure they’re actually using risks … as their North Star for guiding their security investments. You need to be looking at the risks to your organization, the evolving risk as people shift to cloud … and how you guide your security investments in favor of that. What we’re seeing at ServiceNow is a renewed interest in hygiene. Back to basics.
Your teams want to be focused on the interesting parts of their jobs. If they’re dealing with mundane, phishing response, vulnerability prioritization, it takes the wind out of their sails. But if you can automate those mundane tasks using a digital workflow platform like ServiceNow, then suddenly you free that time up so they can be focused on much more advanced attacks where you want the creative humans focused.
One of the best ways to reduce your attack surface is to manage your vulnerability program in an effective way. If you can deal with patching more efficiently … your inflow of incidents reduces. Then you automate the incidents that remain, and suddenly you’ve got massive time savings.
How long have you been working with Forescout? How do the two systems work together?
Convery: We’ve been working with Forescout for a while. We’ve actually got a number of integrations that are live on the ServiceNow store and customers in production using Forescout. On the asset management, asset discovery side of the house, Forescout has a wealth of capabilities around giving us information about endpoint assets, whether they be traditional assets or IoT assets, and we can feed that directly into the CMDB, our configuration management database, to help manage the overall assets within an organization.
[Then] using the security capabilities inside ServiceNow, we can trigger actions inside Forescout’s environment to block, remediate, isolate when we see something bad happening related to an incident or a vulnerability that we discover.
As people are plugging systems in, typically you want to do that in an agentless way. That’s what Forescout’s really known for, discovering, analyzing what these devices are. The more incoming data we have into our CMDB, the more valuable that is to our customers.
....
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the RSA Conference. (* Disclosure: Forescout Technologies Inc. sponsors theCUBE’s coverage of the RSA Conference. Neither Forescout nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
