Steve Lorimer

Steve Lorimer

Group Privacy & Information Security Officer

Hexagon AB
Share
Hexagon’s Steve Lorimer explains how the enterprise created a strategy of centralisation and vetting to ensure high-level security in its operations

In an era of escalating cyber threats and expanding attack surfaces, large enterprises face significant challenges in securing their digital assets. Hexagon, the global leader in digital reality solutions, combining sensor, software and autonomous technologies, offers a compelling case study to address these challenges.

Hexagon operates in more than 50 countries with approximately 24,500 employees, specialising in creating precision sensor and software technologies to support customers managing vast amounts of data in our interconnected world. 

 Supporting customers worldwide, the business-to-business tech leader requires a robust security strategy to protect against cyber threats.

A large enterprise's objectives for security

At the helm of Hexagon's information security efforts is Steve Lorimer, the Group Privacy and Information Security Officer. With nearly 23 years of experience within Hexagon and its subsidiaries, Steve brings a comprehensive understanding of the company's operations.

"I joined as a software engineer, and through a number of different roles, I experienced a comprehensive understanding of how the business operates and customers operate globally," says Steve. 

Steve is responsible for deploying all of Hexagon's information security solutions across the company’s five business units. His role extends beyond internal security, collaborating with product teams to ensure Hexagon's products are built with security and privacy in mind.

Hexagon's security habitat

When Steve assumed his role in 2018, it marked the first time Hexagon had a global security officer at the corporate level. He describes the situation as "almost a greenfield opportunity,” presenting both challenges and opportunities.

Under Steve’s leadership, Hexagon transitioned from a decentralised security model to a fully centralised one. This shift was driven by the need for consistency and efficiency across the rapidly growing company.

"As an example, we were at a point where we had seven different EDR or antivirus solutions in play,” Steve explains. “Building consistency across those solutions is very complex and it becomes very difficult to provide assurance that the control set is robust."

Partnering for a full spectrum of security

Hexagon's security success is partly due to strategic partnerships with both large-tech giants and smaller, specialised firms. The company has implemented a rigorous approach to vendor selection, especially for critical services.

"We ran a large RFI-RFP process to narrow the huge vendor landscape to focus on the organisations that could meet our essential needs," Steve explains. Following that, we entered into extensive discussions with select vendors to ensure that they could deliver the necessary quality of services at a scale to meet Hexagon needs.

One crucial partnership is with eSentire, which provides Hexagon with a managed Security Operations Centre (SOC) service. This partnership ensures 24/7 monitoring of Hexagon's systems and networks, enabling rapid detection and response to potential security incidents.

Steve talks about his vision of autonomous manufacturing that prioritises innovation and security for sustainable growth

Keeping safe in a growth-filled future

As a fast-growing company, Hexagon faces ongoing challenges, including an ever-changing compliance landscape and the need to continually enhance its security posture. 

The company is working on projects to increase protection of cloud infrastructure, improving attack surface management operations as well as standardising network and endpoint management across the organisation.

AI is playing an increasingly significant role in Hexagon's security strategy. Steve anticipates that AI will be particularly useful in combating sophisticated social engineering attempts, such as deep fake videos and voice simulations used in fraud attempts.

"We've got technologies like Microsoft Security Copilot which we're starting to use to speed up the incident response process. It can provide significant insights in understanding the evolution of an incident much faster. It also provides clear benefits to reduce the workload of Security Analysts when generating incident reports This continual evolution will help us to defend quicker, respond faster and resolve incidents in a more timely manner."

Securing the gains of tomorrow, today

Hexagon's approach to security, under Steve’s guidance, offers valuable insights for other large enterprises grappling with cybersecurity challenges. 

By centralising operations, carefully selecting partners and embracing emerging technologies like AI, Hexagon has built a strong security foundation to support its high-growth ambitions.

"For me, the most important factors within security are to make sure that you are aligned to the business, and you are supporting the organisation's overall strategic success,” says Steve. 

In an era where digital innovation and security are increasingly intertwined, Hexagon stands as a testament to how companies can successfully balance these crucial aspects.

Read the full report HERE

**************

Make sure you check out the latest edition of Mining Digital and also sign up to our global conference series - Manufacturing LIVE 2024

**************

Mining Digital  is a BizClik brand

Share

Featured Interviews

Featured

Kate Flanagan

Executive General Manager IM & Technology at Roy Hill

Kate Flanagan, Executive General Manager IM & Technology at Roy Hill, details her journey in the mining industry and explains what keeps her motivated

Read More

Markus Küchler

Head of IT Security at Epiroc

Markus Kuchler, Head of IT Security at Epiroc, on how it is driving mining innovation and digital transformation with cutting-edge cybersecurity

Read More
I’m quite proud that, even without a technical background, I’ve managed to acquire sufficient technical acumen at a managerial level to make informed decisions about innovative technologies.
Markus Kuchler
Head of IT Security at Epiroc

Petri Salopera

Vice President, Sustainability, Calibre Mining

Calibre Mining’s VP of Sustainability, Petri Salopera, divulges how the company works with partners to ensure compliance with its ESG initiatives

Read More

Arun Misra

CEO & Whole Time Director, Hindustan Zinc

Arun Misra, CEO of Hindustan Zinc, divulges the company’s current position and how digitalisation plays a role in making underground mining sustainable

Read More

George Whyte

Managing Director, Australia Pacific and Global Mining Sector Leader at Aggreko

Rod Saffy and George Whyte are passionate advocates of inclusivity and believe in close communication with their regional customers

Read More

Kate Flanagan

Executive General Manager IM & Technology at Roy Hill

Kate Flanagan, Executive General Manager IM & Technology at Roy Hill, details her journey in the mining industry and explains what keeps her motivated

Read More