Case Study: State of North Dakota Information Technology (NDIT) achieves a Next-Generation Autonomous SOC to modernize and strengthen statewide cybersecurity with Palo Alto Networks

Palo Alto Networks solutions and Professional Services help the state modernize and strengthen security for its citizens and systems

North Dakota Information Technology (NDIT) provides enterprise-scale IT services for roughly 800,000 citizens and manages a statewide, Fortune‑30‑scale network. Faced with rapidly rising global cyberthreats — millions of attacks monthly, supply‑chain risks, and billions of events detected — NDIT needed to align people, processes, and technology to protect citizen data and build a Next‑Generation Autonomous Security Operations Center (SOC).

Partnering with Palo Alto Networks Professional Services, NDIT implemented a six‑phase SOC Transformation using Cortex XSOAR, Cortex XDR, Cortex Xpanse and extensive automation, playbooks, team reorganizations, and hands‑on training. Outcomes include a 263% increase in XDR coverage, 77% improvement in XDR MTTR, a 90% reduction in MS‑ISAC MTTR, >17,000 auto‑closed incidents, about $200K annual savings, and a lean operating model (.45 FTEs vs. a comparable Fortune‑30). The SOC continues to mature, expand regional services, and drive ongoing improvements.

State of North Dakota Information Technology (NDIT)

Michael Gregg

Chief Information Security Officer