For all the effort that security vendors have been putting into providing more automation for their customers, network protection software is ultimately only as effective the administrator behind the screen. ServiceNow Inc. hopes to elevate the human element in the equation with a new cloud-based offering designed to address one of the biggest productivity bottlenecks affecting incident response efforts: Communications.

A poll conducted by the Enterprise Strategy Group in the run-up to the launch found that nearly 75 percent of corporate security teams lack a formalized policy for coordinating with their peers from the IT department. As a result, administrators end up sharing information about a breach via their company’s teleconferencing system and other traditional channels that don’t lend themselves well to exchanging large quantities of operational data. Ensuring that everyone is on the same page becomes even more difficult during an ongoing cyberattack, when the situation can change from minute to minute.

The new ServiceNow Security Operations service attempts to streamline communications with a collaboration mechanism that specifically focuses on incident information. At its core is a centralized infrastructure database that enables network protection professionals to tag the entry for an infected server with details about the breach, like the sensitivity of the affected records. The IT administrators on the other end thus gains the ability to rank the compromised machines by importance and prioritize their work accordingly, which makes it possible to mitigate the impact of attacks more effectively.

ServiceNow Security Operations also enables teams to create automated security procedures that may be triggered in response to specific events. According to the company, the functionality can be used for anything from from handling handling mundane tasks like patching to actively containing breaches. Users can even have the service assess the scope of an attack and send out a report containing its findings to all the personnel who need to be made aware of the incident.

ServiceNow says that it’s possible to customize the contents of the dashboard based on role such that each recipient is only given the information needed for their work. That includes executives, which enables the security team to use time that would normally be spent giving briefings on tackling the breach at hand. Organizations with more specific requirements can augment the core functionality of the service with third party applications from the vendor’s built-in app store.

Image via ServiceNow