With new threats growing on all fronts, a global cybersecurity firm found its customer numbers skyrocketing.

Delivering advanced threat intelligence for large companies, along with comprehensive managed security service, cyber forensics and incident response services for smaller businesses, the company thrived in a high-growth, fast-paced environment.

But with growth comes challenges.

The company sought a sustainable solution to replace a customer service management (CSM) tool that was failing on a near-weekly basis by partnering with NTT DATA to implement ServiceNow CSM and SecOps solutions.

Business Needs

Hackers are hitting some of the world’s largest enterprises, and business leaders are taking note. In fact, Gartner predicted that businesses would spend more than $172.5 billion on security and risk management in 2022, with projections of growth to $276.3 billion by 2026. Facing more cybersecurity threats than ever before, today’s businesses must protect themselves to stay afloat.

For that reason, this leading managed security services Provider needed a CSM solution to scale and expand as its customer base grew exponentially. Its previous approach — which relied on multiple systems to manage customer-facing — included a homegrown customer facing portal, Demisto, Salesforce, Slack and Jira. It simply couldn’t stack up against the necessity to scale.

This divided, decentralized system also lacked visibility into cases while swiveling across various systems, and eventually began impacting the company’s ability to serve customers. Knowing it needed to deliver a modern, streamlined customer experience, the cybersecurity firm set its sights on a new CSM approach.


  • Handles approximately 300,000 monthly alerts with ease
  • A reliable CSM solution doesn’t crash on a weekly basis (unlike their previous system), Automates customer onboarding and offboarding of clients and has the ability to scale with and support rapid growth
  • Has the ability to scale with and support rapid growth


Planning for success

The company’s goals boiled down to three key objectives:

  • Modernize a customer case management process for SecOps support by migrating service request, health and SOC workflows to ServiceNow
  • Streamline collaboration and communication between internal platforms by integrating ServiceNow with Demisto and Salesforce
  • Configure a scalable solution to onboard customers who require ticket-sharing for customer support

Aside from navigating a ServiceNow project that would integrate CSM with SecOps, the technical environment was complex. Each of three distinct lines of business had a different face and focus, and each required multiple interactions and external portals:

  • Managed security group
  • Brand protection group
  • Third-party risk group

A modern CSM and SecOps solution

The company’s new CSM and SecOps solution now supports each of these multifaceted service lines by catering to each business unit’s respective rules, processes and data requirements.

While ServiceNow’s original CSM solution only solved for one facet of customer support, the platform has since introduced case types for organizations with sub-companies/multiple faces without collisions. By simultaneously providing centralized and individualized service, ServiceNow’s CSM tool offers the best of both worlds.

This specific project required several key integrations. After defining and establishing the necessary integrations, the project team worked diligently to align a new CSM and SecOps solution. A Demisto integration would redefine the standard of customer support by proactively creating cases that send inbound health and security alerts. The NTT DATA team helped define and configure two AE bonding spokes for one customer to share cases. Doing so created a framework with training and enablement for future customer onboarding.

By implementing ServiceNow CSM with an existing customer portal, customers can now elect support on the channel of their choice, including phone, email and portal. The new solution also handles a high volume of alerts (approximately 300,000 monthly) with ease.

An assessment during the project’s build and story testing phase examined the organization’s current state and identified best practices and guidance without incurring technical debt. This catalyzed company-wide change for thinking through processes.

Key takeaways for success

This project demonstrates ServiceNow’s tremendous integration capabilities, handling the multiple CSM integrations across Demisto and two additional custom integrations to help with the customer onboarding process.

The company’s executive buy-in was a crucial component of success. Deeply committed to real transformation, this team was clearly aligned and focused on their goals. Bimonthly meetings with the firm’s CTO and head of operations enabled quick adjustments and flexibility.

Looking ahead: Future plans for ServiceNow

The company now has a reliable CSM solution with a support system that does not crash on a weekly basis like the previous system, automates customer onboarding and offboarding, and can scale with and support rapid growth. Thrilled with the new ServiceNow tool, this company has even more plans for its future with the platform, including expanding customer support by developing applications to be published on the ServiceNow app store.

This ServiceNow project integrates CSM and SecOps, and the implementation serves as the heartbeat of the organization’s growth and expansion of its customer support services. While the challenge put teams to the test, they dove in with full confidence in their technical and strategic abilities to not only deliver a successful implementation but establish best practices along the way, so it can be done again in the future.

About this case study

A global cybersecurity company met the challenge of rapid growth by working with NTT DATA to implement an integrated ServiceNow CSM and SecOps solution.





More Case Studies