Tim Cohen
Senior Manager, Security Incident Command
Tim is a crisis/incident management professional with over 15 years of experience leading responses to cyber and information security crises including data/privacy issues, data breaches, major vulnerability remediation, and fraud/abuse events. As a Staff Security Incident Commander on the Global Incident Response team at ServiceNow, Tim's focus is on preparing for, responding to, and recovering from major security incidents affecting ServiceNow.
Recent News
View all
Now on Now: Anatomy of a major incident through the lens of SecOps
Now on Now: Lets collaborate! Responding to a Major Security Incident from the virtual war room
Conference Sessions
Now on Now: Lets collaborate! Responding to a Major Security Incident from the virtual war room
SES3370
<p>After declaring a Major Security Incident, the clock never stops. Gaining insights, tight collaboration and response is paramount across functional teams involved in order to eradicate the threat. Using Major Security Incident Response (MSIM) along with integrations with Microsoft tools helps with a clean communications channel. No matter where your organization is located, let ServiceNow® share our experience managing a virtual SOC globally seamlessly with the help of MSIM during a critical incident. </p>
Now on Now: Anatomy of a major incident through the lens of SecOps
SES1408
<p>With new cybersecurity regulations like the SEC disclosure rule and NIS2 directive, it's time for some practical advice. In this session, learn the measures ServiceNow® takes to prevent, detect, respond to, and recover from such incidents using capabilities like Security Incident Response (SIR) and Major Security Incident Management (MSIM). Our global incident team will share how we foster a culture of automation, collaboration, and continuous improvement by optimizing for human skills vs machine muscle. See how we ensure data and evidence comply with governance and audit expectations.</p>
Now on Now: Supercharging Major Incident Response with Automation and AI
SES2439
Customer security incident management at a SaaS company poses unique challenges, especially in making rapid, risk-based decisions and assessing exposure at scale. Join us to hear about ServiceNow’s latest approach to incident detection, response, and recovery using automation-driven workflows, transparent data sharing, and agentic AI. We'll walk through our own zero-day vulnerability response and how we use our platform via MSIM, CSM, Security Incident Wrap-Up Agent, and VCC app integration to enable swift, resilient responses to major security incidents.