Unified Approach to Security Operations
The State of North Dakota Information Technology (NDIT) plays a critical role in safeguarding the technology needs of various entities in the state. By unifying its IT services to enhance efficiencies and increase cybersecurity measures, NDIT embarked on a mission to modernize its security operations. This move not only resulted in a significant decrease in open alerts but also automated 60% of total incidents with the implementation of Cortex XSOAR, reducing the time to find true positives from weeks to minutes.
Challenges and Solutions
Challenges such as scaling security for a growing number of endpoints and controlling costs were addressed by leveraging the Cortex platform. By transitioning to a Next-Generation Firewalls customer, adding Prisma Cloud, and integrating Cortex XSOAR, NDIT achieved a streamlined approach to threat prevention and response. The unification of security tools across state entities led to standardized processes, lowering costs, and driving new automations.
Operational Efficiency and Automation
Embracing the Cortex platform enabled NDIT to manage security for over 250,000 endpoints efficiently while significantly reducing manual tasks through automation. The streamlined workflows not only enhanced the efficiency equivalent to 8-10 SOC analysts but also contributed to improved job satisfaction among NDIT staff. Automation has become a key element in ensuring proactive threat defense for the state.
Interstate Collaboration for Enhanced Security
Modernizing security operations allowed North Dakota to collaborate effectively with other U.S. states, sharing threat intelligence through the Joint-Cybersecurity Operations Command Center (J-CSOC). The implementation of Cortex XSOAR facilitated seamless integration of data from multiple states, enhancing visibility and enabling faster response to evolving threats. Nearly 20% of U.S. states now participate in the J-CSOC, showcasing the success of this collaborative approach.
Continuing the Journey of Security Transformation
Looking ahead, NDIT plans to further enhance its security transformation by adopting AI-driven technologies like Cortex XSIAM to bolster threat detection and response capabilities. The organization remains committed to staying ahead of emerging threats, ensuring the continued success of its security operations center. By partnering with Palo Alto Networks, NDIT is not only safeguarding its digital resources but also setting standards for state cyber operations centers nationwide.