With new threats growing on all fronts, a global cybersecurity firm found its customer numbers skyrocketing.

Delivering advanced threat intelligence for large companies, along with comprehensive managed security service, cyber forensics and incident response services for smaller businesses, the company thrived in a high-growth, fast-paced environment.

But with growth comes challenges.

The company sought a sustainable solution to replace a customer service management (CSM) tool that was failing on a near-weekly basis by partnering with NTT DATA to implement ServiceNow CSM and SecOps solutions.

Business Needs

Hackers are hitting some of the world’s largest enterprises, and business leaders are taking note. In fact, Gartner predicts that businesses will spend more than $172.5 billion on security and risk management in 2022, with projections of growth to $276.3 billion by 2026. Facing more cybersecurity threats than ever before, today’s businesses must protect themselves to stay afloat.

For that reason, this leading Managed Security Services Provider needed a customer service management solution to scale and expand as its customer based grew exponentially. Its previous CSM approach—which relied on multiple systems to manage their customers—included a homegrown customer facing portal, Demisto, Salesforce, Slack and Jira. It simply couldn’t stack up against the necessity to scale.

A divided, decentralized system also lacked visibility into cases while swivelling across various systems, and this eventually began impacting the company’s ability to serve customers. Knowing they needed to deliver a streamlined, modern customer experience, the cybersecurity firm set their sights on a new CSM approach.


  • The new solution handles approximately 300,000 monthly alerts with ease.
  • A reliable CSM solution doesn’t crash on a weekly basis (unlike their previous system), automates the onboarding and offboarding of clients and has the ability to scale with, and support, rapid growth.


Planning for success

The company’s goals boiled down to three key objectives:

  • Modernize a customer case management process for SecOps support by migrating service request, health and SOC workflows to ServiceNow
  • Streamline collaboration and communication between internal platforms by integrating ServiceNow with Demisto and Salesforce
  • Configure a scalable solution to onboard customers who have the requirement to ticket-share for customer support

This was possibly the first ServiceNow project to integrate CSM with SecOps. Aside from navigating this uncharted territory, the technical environment was complex, with three distinct lines of business—each with a different face and focus, and each requiring multiple interactions and external portals:

  • Managed security group
  • Brand protection group
  • Third party risk group

A modern CSM and SecOps solution

The company’s new CSM and SecOps solution now supports each of these multiple service lines by catering to each business unit’s respective rules, processes and data requirements.

While ServiceNow’s original CSM solution only solved for one facet of a company, the platform has since introduced case types for organizations with sub-companies/multiple faces allowing CSM to serve multiple sub-companies on a single platform without collisions. By providing centralized and individualized service simultaneously, ServiceNow’s CSM tool gives the best of both worlds.

This specific project required several key integrations. After defining and establishing the necessary integrations, the project team worked diligently to align a new CSM and SecOps solution. One example is the Demisto integration. Redefining the standard of customer support, this integration proactively creates cases by sending inbound health and security alerts. The NTT DATA team helped define and configure two AE bonding spoke for one customer to share cases. This defined a framework with training and enablement for future customer onboarding.

By implementing ServiceNow CSM with an existing customer portal, their customers can now elect support on the channel of their choice, including phone, email and portal. The new solution also handles a high volume of alerts (approximately 300,000 monthly) with ease.

An assessment during the project’s build and story testing phase examined the current state and identified best practices and guidance without incurring technical debt. This catalyzed organizational change for thinking through processes.

Key takeaways for success

This project demonstrates ServiceNow’s tremendous integration capabilities, handling the multiple CSM integrations across Demisto and two additional custom integrations to help with the customer’s onboarding process.

The company’s executive buy-in was a crucial component of their success. Deeply committed to real transformation, this team was clearly aligned and focused on their goals. Furthermore, bimonthly meetings with the firm’s CTO and head of operations enabled quick adjustments and flexibility.

Looking ahead: future plans for ServiceNow

The company now has a reliable CSM solution with a support system that does not crash on a weekly basis like their previous system, automates the onboarding and offboarding of clients, and that can scale with and support their rapid growth. Thrilled with their new ServiceNow tool, this company has even more plans for their future with the platform, including expanding customer support by developing applications to be published on the ServiceNow app store.

This ServiceNow project integrates CSM and SecOps, and the implementation serves as the heartbeat of services powering the growth and expansion of customer support services. While the challenge put teams to the test, they dove in with full confidence in their technical and strategic abilities, not only to deliver a successful implementation, but also to establish best practices along the way so it can be done again in the future.

About this case study

A global cybersecurity company met the challenge of rapid growth by working with NTT DATA to implement an integrated ServiceNow CSM and SecOps solution.





More Case Studies