Article
Digital Transformation

Tanium, Pentera & Palo Alto Securing Epiroc’s Transformation

By Marcus Law
May 31, 2024
undefined mins
Tanium, Pentera & Palo Alto Securing Epiroc’s Transformation
Cybersecurity partnerships with Tanium, Pentera and Palo Alto Networks are helping Epiroc reach its potential and drive innovation in the mining space

A global leader in mining and infrastructure equipment, Epiroc is driving mining innovation with cutting-edge cybersecurity, as it looks to harness autonomous technologies for enhanced safety and efficiency.

To achieve its ambitious goals, Epiroc has forged strategic partnerships with leading technology providers, such as Tanium, Palo Alto Networks and Pentera. Here, we explore more about how these partnerships are helping Epiroc reach its potential and drive innovation in the mining space. 

Youtube Placeholder

Tanium: Providing visibility and control at speed

Organisations today face an ongoing battle to secure their critical assets and data. Zac Warren, Chief Security Advisor, EMEA at Tanium, understands this challenge all too well. With over a decade of experience utilising Tanium’s platform, he is passionate about helping customers harness its power for enhanced visibility, control and remediation.

At its core, Tanium offers organisations unparalleled visibility into their IT environments, enabling them to see every endpoint, everywhere and manage them in real time. “Tanium gives organisations a level of visibility of their critical assets like no other platform they’ve utilised previously,” he explains.

This level of visibility is crucial for making informed decisions about an organisation's security strategies. Tanium empowers security teams to quickly identify vulnerabilities and issues, and then take immediate action using the platform's control and remediation capabilities.

For Markus Küchler, Epiroc’s Head of IT Security, Tanium has been instrumental in securing newly acquired assets during the company’s ongoing digital transformation. 

“Once a company has been acquired, we appreciate how Tanium gives us the ability to go out and reach out to the endpoints and the servers in their infrastructure,” he says.

As Warren describes, Tanium’s real-time capabilities are particularly valuable during security incidents and breaches. “When you are breached, you can take that data, put it into Tanium, and you will then see, across your entire organisation, exactly which machines are affected.”

This real-time visibility and control can significantly reduce the time and effort required to understand the scope of an attack, enabling organisations to respond more quickly and effectively.

Looking ahead, Warren sees automation playing a significant role in Tanium’s future and its partnerships with organisations like Epiroc. 

Küchler echoes this sentiment, emphasising the importance of technical roadmaps and the need for sophisticated technologies as Epiroc transitions from a manufacturing company to a tech company. 

“I think that continuing with Tanium is going to allow us to make some really wise and good decisions in those areas.”

Youtube Placeholder

Palo Alto Networks: Integrated cybersecurity platform

Epiroc has also forged a pioneering partnership with Palo Alto Networks, a globally recognised cybersecurity leader.

Asa Edner, Country Director of Palo Alto Networks in Sweden, underscores the importance of integrated cybersecurity platforms. 

“We strongly believe in integrated cybersecurity platforms rather than isolated best-of-breed point products as the route forward to really secure organisations and their applications, devices, data, and users,” she says.

Küchler agrees, highlighting the vital role of cybersecurity in gaining customer trust and establishing a competitive advantage: “We need to get our customers' trust, the trust to share their data with us. We also want cybersecurity in its totality to be a competitive differentiator and a unique selling point as to why to choose our big yellow machines.”

The partnership between Epiroc and Palo Alto Networks involves leveraging the latter's SOC (Security Operations Centre) automation platform, including extended detection and response, as well as security operations and orchestration capabilities. This collaboration aims to enable Epiroc to deliver secure services to its clients.

Jesper Olsen, Chief Security Officer for Palo Alto Networks covering Northern Europe, highlights the pressing need for organisations to adapt to the evolving cybersecurity landscape. 

“We need to achieve a level of flexibility that allows our business to adapt to the circumstances,” he says. “Whether we are talking about geopolitics, cyber criminals or our own internal ambitions, we want to drive this direction. That requires flexibility in our infrastructure, and we can only do that with a proper, secure solution."

As Epiroc embarks on an accelerated cloud adoption journey, the partnership with Palo Alto Networks becomes even more crucial. Küchler acknowledges the guidance and expertise Palo Alto Networks provides, enabling Epiroc to navigate the transition while maintaining robust security measures.

Moreover, the collaboration extends beyond technology, fostering an ecosystem that encourages innovation and mutual growth. 

Küchler praises the openness and adaptiveness of Palo Alto Networks: "When working with Palo Alto, if you have ideas and suggestions for modifications and features, there is a good chance you will see them in the next release. We appreciate this possibility to influence new releases.”

Youtube Placeholder

Pentera: Automated security validation at scale

Epiroc's decision to partner with Pentera – the global market leader in automated security validation – was driven by the platform’s innovative technical advancement, research-driven product development and its alignment with the MITRE ATT&CK framework, providing a language that Epiroc's security team could easily understand and consume.

Sivan Harel, VP Sales Europe North, South and MEA at Pentera, explains the concept behind its cutting-edge platform: "Pentera performs hacks just like real threat actors. We don't simulate. Our platform injects safe-by-design versions of payloads in order to showcase exactly what real threat actors can achieve within your organisation. We challenge the complete security stack to showcase where existing security controls are effective, and what needs to be fixed so that organisations can close their security gaps before the hackers exploit them."

As Küchler puts it: “We came to bug bounty as a concept quite early, but then when we looked into Pentera we realised that we could get this automated at scale and periodically, systematically and continuously look into getting the validation to maintain a desired level of cybersecurity.”

In Epiroc’s IT landscape, characterised by numerous acquisitions and ongoing digital transformation, Pentera’s automated security validation capabilities have proven invaluable.

As Küchler explains: “Pentera is part of a suite of tools. Currently, we have three excellent partners: Pentera, Tanium and Palo Alto. Let's say that Palo Alto Cortex XDR discovers evidence of an exploited vulnerability somewhere. Now, from that discovery, we can utilise Tanium to identify and patch the vulnerable software across all our vulnerable devices in real time, minimising our exposure to attacks.

“You might think we’d be satisfied by having done that, but we want to take it to another level. We then ask Pentera to go out and validate that the mitigating actions taken, together with any related, existing settings in our IT infrastructure, are no longer exposing us to an exploitable attack path and that we are on par with our desired cybersecurity posture."

Harel emphasises the importance of the long-term partnership between Pentera and Epiroc, highlighting Pentera's role as a strategic cyber solution within Epiroc’s security stack.

“We're providing a scalable security validation solution, automating Epiroc’s pen-testing and red team operations. Through automated attack emulation, we help Epiroc validate that their existing security controls and policies are actually performing as they should to stop real attacks,” she says.

Looking to the future, both Pentera and Epiroc say they are committed to strengthening their collaboration. 

“We are very keen to maintain the engagement level and the interaction we have with the technical account manager or your architects, that is really key for us,” Küchler notes. “Because we really want to automate and learn and understand the full potential of Pentera in orchestration with our suite of other security tools.”

Click HERE to read the full report

******

Make sure you check out the latest industry news and insights at Mining Digital and also sign up to our global conference series - Manufacturing LIVE 2024

******

Mining Digital is a BizClik brand

TaniumPenteraPalo AltoEpirocCybersecurity
Share
Read full article here
Read full article here
Click here
Share
Author
Marcus Law

Featured Articles

Global Mining Industry Faces Severe Skills Shortage

The mining sector is grappling with a critical skills shortage, driven by declining enrolments in mining engineering and evolving work preferences

Qatar & TechMet Combat China’s Critical Minerals Dominance

Qatar Investment Authority (QIA) makes a $180m investment in TechMet, boosting efforts to secure the minerals supply chains and reducing reliance on China

Omya: Operating at the Nexus of Mining and Construction

Omya is a major miner of calcium carbonate for the construction industry. Here, its Construction VP Philipp Mueller talks sustainability and innovation

Autonomous Mining Truck Market 'Set for Expansion'

Smart Mining

Focus on: Polyhalite, a Fertiliser Mineral of the Future

Supply Chain & Operations

2024 Olympic Medals: All That Glitters is Not Gold

Sourcing & Procurement