CASE STUDY
company was in search of a new security
solution and why it selected Tenable.
He said: “In my role as Security Head at
LafargeHolcim, I take care of implementing
the correct security measures to ensure
our customers in the countries where we
operate, do so securely.
“Security is our licence to operate so
we cannot run our business without
it. At some point, it’s about risk
management – putting the right people
around the table and understanding
the risks, considering how much we
must invest to protect those risks and
understanding the business case. We
do a lot of risk management to integrate
other security aspects into our daily
business activities.”
52
What does the solution do on a
daily basis and how does this
assist with company operations?
Our solution starts by analysing
LafargeHolcim networks to discover
new systems that are automatically
catalogued and afterwards, targeted
for a full vulnerability analysis which
reports back any security issues
present in those systems. Subsequently,
an integration with our ticketing tool is
launched and a dedicated technician is
assigned to solve it. Once the flaws are
fixed and closed in our ticketing tool,
the vulnerability scans confirm whether
the patches have been correctly
applied in all the affected systems to
close the loop.
What security measures do you
have in place more generally?
It could be, for example; implementing
global vulnerability management solutions,
it could be jumping to a new technology
or setting up firewalls in our web
applications – we do this based on risk
management – or it could be whenever
we have new business demands.
What do you consider are
the unique challenges for the
construction industry?
The challenges we face differ to those
of other industries that may be more
dependent on IT such as the banking,
insurance and healthcare sectors.
Issue 12
|
www.intelligentciso.com