Vulnerability management requires good people and patching skills

Multinational construction materials maker LafargeHolcim focuses hard on patching to prevent potential exploits further down the line.

teamwork / collaboration / developers / development / engineers / binary code / virtual interface
Dean Mitchell / Getty Images

Though threat actors have access to increasingly sophisticated and easy-to-use offensive tools, businesses often fail to get basics around patching right, leaving an easy entry route for attackers.

As one of the biggest providers of building materials in the world, LafargeHolcim has a large IT estate and a large workforce trying to move quickly to adopt new services. To ensure the company is safe from potential gaps in its security posture, the security team prioritizes people skills to get the rest of the business on board with security as early as possible in projects, along with a keen focus on vulnerability management to create a foundation of good cyber hygiene.

Cement needs vulnerability management, too

LafargeHolcim is a Swiss manufacturer of building materials including cement, concrete and aggregate, operating in 80 countries with around 80,000 employees. Like almost every company in the 21st century, it has to deal with the security implications of digital transformation, including securing industrial control systems (ICS).

“Like many other businesses,” says Jose Maria Labernia, head of IT security and internal control, European IT services at Lafarge Holcim, “where we see an opportunity that digitization will give us growth or more automation. We are jumping into it.”

To continue reading this article register now

Subscribe today! Get the best in cybersecurity, delivered to your inbox.