CASE STUDY
I
n 2018, LafargeHolcim, a global building
construction materials company,
deployed a Tenable SecurityCenter
solution β now recognised as Tenable.sc β as
part of an advanced global vulnerability
management infrastructure reaching 80
countries and close to 18,000 assets.
The project has been designed and
implemented by MDTEL, a Tenable Gold
Partner in Spain. With this deployment,
LafargeHolcim has achieved a harmonised,
automated global vulnerability
management service that has allowed the
company to significantly reduce its risk
exposure and assure global and regional
policy compliance.
LafargeHolcim today is the result of a merger
between Lafarge and Holcim in 2015, with
the new global company aiming to deliver
compelling benefits for all stakeholders.
The new group increased its offer to
customers through innovation delivered
on an expanded scale, best-in-class R&D
and a combined portfolio of solutions and
products, contributing to addressing the
challenges of urbanisation: affordable
housing, urban sprawl and transport.
LafargeHolcim now has an enhanced
presence in the global building materials
sector and is a global leader across
cement, concrete and aggregates with new
opportunities to optimise production and
commercial networks.
Intelligent CIO Europe spoke to Jose
Maria Labernia, Head of IT Security and
Internal Control, European IT Services at
LafargeHolcim, who explained why the
company was in search of a new security
solution and why it selected Tenable:
In my role as Security Head at
LafargeHolcim, I take care of implementing
the correct security measures to ensure
our customers in the countries where
we operate, do so securely. Security is
our license to operate so we cannot run
our business without it. At some point,
itβs about risk management β putting
the right people around the table and
understanding the risks, considering how
much we must invest to protect those risks
and understanding the business case. We
do a lot of risk management to integrate
other security aspects into our daily
business activities.
SECURITY IS
OUR LICENSE TO
OPERATE SO WE
CANNOT RUN
OUR BUSINESS
WITHOUT IT.
What does the solution do on a daily
basis and how does this assist with
company operations?
Our solution starts by analysing
LafargeHolcim networks to discover new
systems that are automatically catalogued
and afterwards, targeted for a full
vulnerability analysis which reports back
any security issues present in those systems.
Subsequently, an integration with our
ticketing tool is launched and a dedicated
technician is assigned to solve it.
Once the flaws are fixed and closed in our
ticketing tool, the vulnerability scans confirm
whether the patches have been correctly
applied in all the affected systems to close
the loop.
www.intelligentcio.com
INTELLIGENTCIO
59