How one of the world’s largest hotel chains reduced incident response time by 80%
Download PDF
Challenge
Donec ullamcorper nulla non metus auctor fringilla. Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Donec id elit non mi porta gravida at eget metus.
Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Curabitur blandit tempus porttitor.
Solutions
Nulla vitae elit libero, a pharetra augue. Aenean lacinia bibendum nulla sed consectetur. Cras mattis consectetur purus sit amet fermentum.
Cras justo odio, dapibus ac facilisis in, egestas eget quam.
Skip To The Results5-Star Global Incident Response Case Management from a Powerful Integration of Best-of-breed Security + Privacy Platforms
Privacy and Security Incident response is complex for most organizations and especially so for a global hospitality powerhouse that manages sensitive data on thousands of properties across over 100 countries and territories.
The organization’s information security team was responsible for managing both traditional security incidents as well as those involving privacy. To manage dual responsibilities, they needed a holistic solution that simplified the identification of critical incidents involving privacy and provided workflow and automation tools to expedite remediation.
With strict notification deadlines and severe penalties for failure to comply with global breach notification regulations, the international organization could not rely on their existing manual processes and faced potential fines and reputational damage if they were unable to automate the ability to risk assess incidents involving disclosures of personal information (PI) against the applicable jurisdictional law to ensure they were meeting notification obligations.
Security + Privacy Together
ServiceNow and RadarFirst were uniquely positioned to deliver a transformational Security and Privacy Case Management solution leveraging the hospitality company’s existing platform and expertise, enhanced by RadarFirst’s best-of-breed privacy and compliance solution.
ServiceNow Security Incident Response
This solution simplifies the identification of critical incidents and provides workflow and automation tools to speed up remediation.
RadarFirst Privacy Incident Response
This allows any incident tracked in ServiceNow to be seamlessly assessed to determine if it’s a notifiable data breach under the relevant state, federal and international laws. Radar also helps ensure consistency and proof of compliance to meet an organization’s breach notification obligations.
Data from ServiceNow’s Security Orchestration Automation and Response (SOAR) platform that involves the disclosure of personal data are sent into Radar via integration and automatically escalated as prioritized security incidents. The teams then rely on customized workflows based on the organization’s own security playbook to ensure timely remediation, all the while documenting their burden of proof.
Collaboration = Results
The integrated Security and Privacy Case Management System provides greater efficiencies for managing risk associated with both privacy and security incidents.
Utilizing a productized connector that was made available in the ServiceNow app store in 2020, incidents tracked within ServiceNow that contain PI or PHI are routed to Radar for assessment in accordance with both regulatory and contractual notifications.
Utilizing a productized connector that was made available in the ServiceNow app store in 2020, incidents tracked within ServiceNow that contain PI or PHI are routed to Radar for assessment in accordance with both regulatory and contractual notification obligations.
A bi-directional relationship between the two systems allows the transfer of all key information to remain within the system of choice for auditing and reporting purposes.
Once the privacy or legal stakeholder assesses the incident within Radar, a patented heat-map is generated indicating any notification obligations required under state, federal, or international breach notification laws.
In Summary
Nulla vitae elit libero, a pharetra augue. Vestibulum id ligula porta felis euismod semper. Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Maecenas sed diam eget risus varius blandit sit amet non magna.
The organization estimated it can close 70% of the privacy-related incident investigations within 48-72 hours, down from weeks at a time.
Organization believes it can drive down the time it takes to respond to its lower-tier security-related incidents from 60-80%.
Risk
The organization believes it can now meet the most stringent notification obligations thus reducing the potential for missed deadlines, fines, penalties, and reputational damage.
Dig deeper on these topics.
Interested in learning how to simplify incident management?
Related Resources
7 Steps to Raising your Incident Response IQ
7 Steps to Raising your Incident Response IQ
7 Steps to Raising your Incident Response IQ