In our last two blog posts, we discussed ITSM and NIST and how they apply to your organization’s cybersecurity. Now we are going to show you how the implementation of an ITSM strategy forms the base to layer NIST policy on top of. Sometimes it’s best to start with a story of how this works.

So let’s take a user. We will call her Tirrihana. She is your typical user in that when she has an issue such as needing a password reset or application installed on her system, she will call the helpdesk and submit a ticket for that work to be done.

The process seems straightforward enough:

– Tirrihana has a problem

– She reaches out to the help desk

– The help desk responds, identifies the problem

– IT comes up with a solution, fixes problem

– Enters into log

This is essentially the ITSM process. Seems simple, right? Wrong.

In order for this to take place, your organization needs to do a LOT of work.

There needs to be a system in place which will allow the IT team to acknowledge and track the work to completion. In smaller organizations this typically starts out as a spreadsheet and a single IT technician can take care of the work. However, as the organization grows the work becomes too much for a single individual and thus a team is created.

There then is the need for a more sophisticated system to distribute and track work, this is where the ITSM systems come into play. We all know these systems and, love them or hate them, they are critical to the operation of the organization. By themselves they can help smooth the process, but they must be accompanied by the policy and user training which mandates their use.

After the policy and user training is in place, and the use of the ITSM system has become routine, the organization can then begin to pull metrics. These will measure the critical markers set by the IT Team leads, in conjunction with the business unit leaders, to optimize the operations and flow of data between systems and users.

By knowing what these metrics are and how they apply in each situation and use case, the organization can create a pattern of behaviors for their users. This process of pattern recognition then allows for the tweaking of the system to implement or increase efficiencies for the operations of the organization.

Often times, as the patterns are identified, the organization finds that they need to bring in cybersecurity apparatus and system. These systems can then begin to present anomalies which should be flagged when found.

So as you can see, Tirrihana’s seemingly simple fix actually involves a lot of work.

In our next post, we will layer those NIST policies into your ITSM.