The Importance of Security
The Massachusetts Executive Office of Technology and Security Services (EOTSS) serves as the department of Information Technology for the State of Massachusetts. In this capacity, EOTSS currently oversees the IT resources of nine other state departments, as Massachusetts is not a fully centralized state. They quickly realized they would need an expert on implementing SIR/IRM to help them reach their goals and meet objectives.
Recently, the state began the process of centralization to bring its departments together on the same software platform. A current ServiceNow customer, EOTSS was already using ITSM and was in the process of rolling out CMDB licenses to other departments for this implementation.
At the same time, malware and ransomware attacks, as well as other security incidents, were affecting various government agencies. In 2020 and 2021, national government leaders called for greater focus on and greater budgetary allocation to cybersecurity efforts in light of these breaches.
An Experienced Partner
To increase the government agency’s security posture, EOTSS began working with Cask to build out Governance, Risk and Compliance (GRC) as well as Security Incident Response (SIR) on the group’s existing ServiceNow implementation. EOTSS sought to mitigate risks related to malware, phishing, data loss, data breach and policy and code compliance, while modernizing and automating the SIR process.
A lack of standardization within policy and compliance, SIR, and Risk Management processes at EOTSS led to too much time spent going back and forth between various monitoring, incident management, auditing, and policy/compliance tools. Given the complexities of GRC and SecOps, executives quickly realized that to develop further they needed a partner with experience.
Cask was brought on in order to begin implementing SIR/IRM to transform core SOC processes, build out the organization’s policy knowledge base, and modernize Incident Response and Risk Management operations. Through modernized Policy playbooks, the organization was able to eliminate manual work and swivel chair processes to deflect virtual attacks.
“We started out with a current state assessment to understand where they were with their GRC discipline to date, and then from there, workshopped how [EOTSS] could fit what they have into out-of-box implementation [of SIR], because they wanted very little customization.”
Lead Account Executive, James Haslam
EOTSS had a tight timeline for go-live, meaning that Cask needed to implement the SIR module within the first couple of weeks of the project. Policy and Compliance Management implementation followed, as Cask began to replace largely manual processes at EOTSS. Playbooks built by Cask provided a guided process for responding to phishing, malware, and ransomware attacks moving forward.
On-site training ensured that new policies and procedures were adopted across the board within both the Security and ServiceNow departments, and that new resources were being used effectively while implementing SIR/IRM for the State of Massachusetts.
Within a compressed timeline, Cask gave EOTSS the ability to report SIR Time to Resolution, average SIR age, number of security incidents, and the average age since the last update. Today, Cask continues to work with EOTSS on new projects, built upon the success of Phase 1.
“The playbooks provided an automated process [for incident management] and reporting. The ability to report [and view incidents through] the CIO dashboard that we delivered was a very new and refreshing thing for EOTSS.”