VINCI Energies, the energy, information and communication technology division of the VINCI Group, opened the international security operations center (SOC) of its Axians (ICT) and Actemium (industrial technology) brands in Switzerland on schedule on October 28, 2021. The new center for defense against cyberattacks on IT and OT infrastructures is located in the Industry 4.0 competence center uptownBasel. Along with more than 100 experts, customers and partners, Axians and Actemium launched their SOC hub with a high-profile opening event. On the opening day, visitors had the opportunity to get to know the SOC as the hub to the regional Axians SOC in the EMEA region as well as its services on site. The event program included presentations by technical cybersecurity experts of the Basel-Landschaft Criminal Investigation Department and the University of Applied Sciences Northwestern Switzerland, as well as live demos on the protection of industrial facilities.
Over the past months, VINCI Energies has made investments dedicated to the development of the security operations center hub at its Basel site. Starting immediately, the VINCI Energies brands Actemium (industrial technology) and Axians (ICT) will provide comprehensive cybersecurity protection services and coordinate the international cooperation of its regional SOCs in Germany, the Czech Republic and other European countries.
Implemented by uptownBasel AG, the Basel innovation center reached a major milestone back in July when it went live.
“We are excited to successfully launch the new SOC for ICT and OT in Switzerland, as well as across Europe. As a part of the innovation and competence center uptownBasel, we see ourselves perfectly positioned to secure Industry 4.0 projects from a state-of-the-art SOC location. With the large number of cyberattacks, risks and threats, we recommend our customers get familiar with the leading cybersecurity center in terms of their risk mitigation strategy,” said Stefano Camuso, CEO Axians & Actemium Switzerland.
Coordinating hundreds of cybersecurity experts
In Germany and Switzerland, the Axians and Actemium team already counts more than 100 cybersecurity experts, who are coordinated from SOC Basel. As a hub, the SOC networks have more than 300 specialists worldwide. Within the structured organization, competencies for information and communications technology (ICT) and industrial operating technology (OT) are bundled and the findings from international scientific cooperation regarding critical infrastructures are processed. This provides companies with the highest level of technical expertise and a clear value proposition.
No fixed investment costs due to OPEX model
The price calculation for the use of the security operations center is based on the OPEX (Operational Expenditure) model with annual or monthly financing. This minimizes fixed investments and reduces financial entry barriers. SOC projects are calculated based on events per second – that is, the volume of data processed on the network – and the choice of service level models (24/7 or 9/5 support).
SOC services: achieving a secure IT infrastructure in four steps
The services offered by the SOC can be divided into four major service areas: vulnerability scanning, penetration testing, MDR (Managed Detection and Response) and managed services. With vulnerability scanning, Axians performs a vulnerability and compliance scan of the entire IT infrastructure and presents the most important issues along with remediation steps. Comprehensive and continuous protection is provided by a detailed real-time monitoring solution. The security team proactively receives alerts on potential vulnerabilities and threats so that any issues can be addressed before a security incident occurs.
To verify that cybersecurity measures are deployed appropriately, penetration testing is essential. This involves testing the security of as many system components and applications as possible using the means that an attacker would use (e.g. DDoS attack, Trojans, malware). Axians relies on leading technology for fully automated and continuous pen-testing and the targeted use of the expertise offered by its cybersecurity experts. As a service provider, Actemium ensures the integration of cybersecurity into the entire technology chain – from the sensor to the cloud.
The Active MDR service aims to meet the increasing challenges in endpoint security. Delivered from the SOC at uptownBasel, this cybersecurity service combines endpoint protection technology and human expertise to find, monitor and respond to threats in a timely manner.
Through a comprehensive cybersecurity operational takeover model (managed service), customers place their security in expert hands. These professionals monitor the round-the-clock operation of the IT security systems, eliminating the need for in-house staff to operate their own SOC.
With its portfolio, VINCI Energies 2021 was again recognized by the technology research and consulting company ISG (Information Services Group) in the categories Managed Security Services, Strategic Security Services and Technical Security Services.
“In recent months, I have been particularly impressed by the cross-border collaboration of our experts. Together with the comprehensive services of SOC Basel and our regional SOCs in Germany, we have an unmatched portfolio ranging from consulting and security audits to 24/7 monitoring,” said Jacques Diaz, CEO of Axians Germany.
A typical use case: security for critical infrastructures (CRITIS)
Even before the SOC opening, the majority of Axians’ and Actemium’s customer base has been successfully sensitized and educated about the added value of an SOC. CRITIS operators in particular have shown great interest. Due to legal reporting obligations and high protection requirements, cybersecurity processes such as SIEM (Security Information and Event Management) are of utmost importance here.
For example, a customer – a Swiss waste disposal company that works for the public sector and operates waste incineration plants – commissioned a comprehensive security audit and laid the foundation for permanently securing plant operations from the SOC.
The audit, which was conducted by SOC experts, uncovered and analyzed potential weaknesses in the waste disposal company. After that, plant operations can be secured with pinpoint accuracy from the cyber defense center.
“Simply building commercial rental space was never our goal. We wanted to create a center of excellence for Industry 4.0 and lay the foundations for a culture of innovation, collaboration and networking. After all, we know that success stories are most often the result of teamwork. We are proud that the concept of uptownBasel has proven itself and was able to meet the high requirements of VINCI Energies. We are very much looking forward to further cooperation with their two brands Axians and Actemium”, said Hans-Jörg Fankhauser, site developer responsible for the uptownBasel campus in Arlesheim.