USE CASE GUIDE Get real-time insights on security posture and SOC performance via reporting Visibility can be an elusive topic in security. You know you need it, but what exactly do you need to see to be successful? With the vast number of security tools used in modern enterprises—over 75 on average—understanding the big picture when it comes to security has become increasingly difficult. But it’s more than just the big picture—you also need to tailor visibility to the viewer and their goals. A 2021 report from the SANS Institute4 looked at three key stakeholders and their expectations. Here are some of the needs by role: • Senior management: industry security risk trends, security preparedness, organizational risk, and performance over time • Operational security teams: near real-time view of vulnerabilities, events, and threats, plus signs of malware, misuse, or compliance failures • Analysts: baseline behavior, device communication, and indications of the latest threat Let’s look at how ServiceNow provides the right level of visibility to these different roles. Senior management An organization’s CISO needs to provide an update to the board of directors on the status of the security program. They need quantitative metrics to back up the assessment of the organizations current risk exposure and security team performance. ServiceNow® Performance Analytics dashboards, built into ServiceNow Security Operations, simply and quickly deliver key performance indicators for security—such as the time to identify, contain, and eradicate security incidents. The data in these dashboards is tracked from the actual incident records, meaning it’s accurate and up-to-date. Dashboards can also track security status via any number of statistics, including open incidents by priority, or open critical vulnerabilities. 4 Filkins, Barbara and Pescatore, John, A SANS 2021 Report: Making Visibility De昀椀nable and Measurable 15