VINCI Energies, the energy and information and communication technology division of the VINCI Group, opened the international Security Operations Center (SOC) of its Axians (ICT) and Actemium (industrial technology) brands in Switzerland on 28 October 2021, as planned. This new centre for defending against cyber attacks against IT and OT infrastructures is located in the Industry 4.0 competence centre uptownBasel. Joined by more than 100 experts, customers and partners, Axians and Actemium opened their SOC hub with a high-profile opening event. The opening day allowed visitors to have a closer look at the SOC, which forms the hub to the regional Axians SOC in the EMEA region, and its services on site. The event programme included presentations by technical cyber security experts, the Basel-Landschaft Criminal Investigation Department and the University of Applied Sciences of Northwestern Switzerland, along with live demos on protecting industrial facilities.
In recent months, VINCI Energies has made targeted investments in establishing the Security Operations Center hub in Basel. From now on, VINCI Energies’ Actemium (industrial technology) and Axians (ICT) brands will be providing comprehensive cyber security protection measures and coordinating the international cooperation between the regional SOCs in Germany, the Czech Republic and other European countries from this facility.
In the age of Industry 4.0, this generates special added value, particularly for manufacturing companies. At the SOC Basel, all the networked sensors, machines, systems and devices will be monitored, security patterns and anomalies will be analysed, and protective measures will be initiated in order to ward off potential security attacks.
This innovation centre in Basel, run by uptownBasel AG, already attained a major milestone in July when it commenced operations.
“We are pleased that we are successfully launching the new SOC for ICT and OT in Switzerland, and also for all of Europe. As part of the uptownBasel innovation and competence centre, we see ourselves as being perfectly positioned to underpin Industry 4.0 projects from a state-of-the-art SOC facility. Due to the high number of cyber security attacks, risks and threats, we recommend that our clients familiarise themselves with this leading cyber security centre to learn about its risk mitigation strategy,” reports Stefano Camuso, CEO of Axians & Actemium Switzerland.
Coordinating hundreds of cyber security experts
In Germany and Switzerland, the Axians and Actemium team already numbers more than 100 cyber security experts, all of whom are coordinated from SOC Basel. The SOC acts as a global network, bringing together over 300 specialists worldwide. Information and communication technology (ICT) and industrial operating technology (OT) competencies will be bundled within the structured organisation, and findings from international scientific collaborations will be used to inform critical infrastructures. As a result, companies will benefit from incomparable expertise and a clearly defined performance promise.
No fixed investment costs thanks to OPEX model
The cost of using the Security Operations Center is calculated according to the OPEX (Operational Expenditure) model, with financing either on an annual or monthly basis. This minimises fixed investments and reduces financial barriers to entry. The cost calculation for SOC projects is based on events per second – i.e. the volume of data processed in the network – plus the choice of service level models (24/7 or 9/5 support).
SOC services: Four steps to a secure IT infrastructure
The services offered by the SOC can be divided into four major areas of activity: Vulnerability Scan, Penetration Testing, MDR (Managed Detection and Response) and Managed Services. In the Vulnerability Scan, Axians scans the entire IT infrastructure for vulnerability and compliance and presents the most important issues along with remedial steps. Comprehensive and continuous protection is provided by a detailed real-time monitoring solution. The security team proactively receives alerts on potential vulnerabilities and threats so that any issues can be addressed before a security incident even occurs.
Penetration Testing is needed to check whether cyber security measures are being used in a meaningful way. This involves testing the security of as many of a company’s system components and applications as possible by employing the means that an attacker would use (e.g. DDoS attack, Trojans, malware). Axians relies on cutting-edge technology for fully automated and continuous “pen testing” and the targeted use of the expertise of its cyber security experts. As a service provider, Actemium ensures that cyber security is integrated into the entire technology chain – from sensor to cloud.
The Active MDR (Managed Detection and Response) service is designed to meet the ever greater challenges in the area of endpoint security. This cyber security service, rendered by uptownBasel from the SOC, combines endpoint protection technology and human expertise in order to find, monitor and respond to threats in a timely manner.
Customers put their security in expert hands through a comprehensive cybersecurity operational takeover model (Managed Service), which monitor the round-the-clock operation of the IT security systems. This eliminates the need for the company to dedicate staff to operate its own SOC.
Thanks to its portfolio, VINCI Energies once again received awards in 2021 from ISG (Information Services Group), a technology research and consulting firm, in the categories of Managed Security Services, Strategic Security Services and Technical Security Services.
“In recent months, I have been particularly enthusiastic about the cross-border cooperation of our experts. An industry-leading team has emerged here. Together with the comprehensive services offered by SOC Basel and in conjunction with our regional SOCs in Germany, we have an unbeatable portfolio from consulting to security audits to 24/7 monitoring,” says Jacques Diaz, CEO of Axians Germany.
Typical application: Critical Information Infrastructures Security (CRITIS)
Even before the SOC was opened, the majority of the Axians and Actemium customer base had already been successfully made aware of and educated about the added value of a SOC. This is of great interest to operators of critical information infrastructures (CRITIS). Due to legal reporting obligations and high protection requirements, cyber security processes such as SIEM (Security Information and Event Management) are of the utmost importance to them.
For example, one client – a Swiss waste disposal company that works for the public sector and operates waste incineration plants – commissioned a comprehensive security audit, thereby laying the foundation for the SOC to safeguard its plant operations permanently.
The audit carried out by SOC experts uncovered the waste management company’s potential weaknesses and allowed them to be analysed. Subsequently, plant operations can now be secured with pinpoint accuracy from the cyber defence centre.
“Simply building commercial rental space was never our goal. We wanted to create a centre of excellence for Industry 4.0 and, at the same time, lay the foundations for a culture of innovation, collaboration and networking, for we know that success stories are usually the result of teamwork. We are proud that the uptownBasel concept has proven its worth and has been able to meet VINCI Energies’ high demands. We are very much looking forward to further collaboration with their two brands Axians and Actemium,” says Hans-Jörg Fankhauser, the site developer responsible for the uptownBasel campus in Arlesheim.
More information about the Security Operations Center will be provided by Axians cyber security experts in the interview.
Stefano Camuso, CEO of Axians & Actemium Switzerland, welcomes more than 100 guests at the opening of the SOC hub in Basel (Image source: Axians & Actemium)
Experts, customers and partners put their trust in holistic protection for companies – especially in the Industry 4.0 environment (Image source: Axians & Actemium)
Stefano Camuso, CEO Axians & Actemium Schweiz (Bildquelle: Axians & Actemium)
Jacques Diaz, CEO von Axians Deutschland (Quelle: Axians)