Skip to Content
Client Story

Securing operations and IT against cyber threats with Caverion

Client: Caverion Corporation
Region: Finland & Europe
Industry: Services and solutions for buildings, infrastructure or industrial sites and processes

Client challenge: Caverion was looking to consolidate their IT service delivery and improve their capabilities in information security management, in order to secure business continuity against cyber threats. 

Solution: Caverion partnered with Capgemini, whose expertise in information security management helps Caverion monitor, analyze, and manage potential incidents and mitigate risks with their Security Information and Event Management system and Security Operations Center. 

Key benefits:  

  • Continuity of business and operations ensured against incidents 
  • Improved ability to anticipate and analyze potential cyber threats 
  • Improved ability to identify and fix vulnerabilities proactively 
  • Improved ability to execute incident management process 

Our life is shaped by the environments we build around us. By making built environments smart and sustainable, Caverion enables performance and people’s well-being. Customers can trust our expert guidance during the entire life cycle of their buildings, infrastructure or industrial sites and processes: from design & build to projects, technical and industrial maintenance, facility management as well as advisory services. Our customers are supported by over 15,000 professionals in 10 countries in Northern and Central Europe. Our revenue in 2021 was approximately EUR 2.1 billion. Caverion’s shares are listed on Nasdaq Helsinki. 

Heikki Linnanen (CIO) oversees that the information security team has everything it needs to keep the business running. This includes budget and resourcing as well as leading the overall strategy of information and information security at Caverion. 

Jari Törmälä (ISO) is responsible for information security implementations, including trainings, policies, general guidance, risk management, and operating the group’s security information and event management system (SIEM). Jari also manages the human resources from Capgemini’s pool of information security experts. 

Consolidating services with a renewed approach to IT Security Management 

In 2017, Caverion tendered nearly their entire IT service portfolio in an effort to consolidate service delivery and gain better control over the information ecosystem. As a result, Capgemini was selected as the service partner in core IT functions, including infrastructure services, application portfolio management, end-user services and IT security management. 

“We tendered most of our IT services and moved from a scattered vendor landscape to a more focused collaboration with key partners. We saw great synergies in having information security under the same roof as other IT services, and Capgemini proved to have a complete offering that we could rely on.” 

– Heikki Linnanen, Chief Information Officer, Caverion

Service delivery began in early 2018. Since then, Caverion has taken crucial steps forward on their path towards incident-free business operations.

Meeting Caverion’s high standards for information security 

Many people recognize Caverion’s white vans on the road, but few outsiders know how central the company’s work is to a well-functioning society. Caverion’s efforts in making the built environment smart and sustainable helps keep organizations like hospitals, educational institutions, grocery stores, energy companies and industrial manufacturers running. For many of their customers, top-notch information security is not optional, but rather a requirement that needs to be met every single day.  

“Being on top of developments in information security, with capable partners like Capgemini, gives us a ‘license to play’ in many cases. For Caverion’s customers, security, excellent conditions and smoothly running operations are crucial 24/7.” 

– Heikki Linnanen, CIO, Caverion 

An organization responsible for these sorts of customers cannot afford to compromise their own information security, either. Caverion’s aim is to be a forerunner in cyber security, not only regarding IT, but also in how information security management enables them to mitigate business risks and to exceed customers’ expectations. 

Caverion’s IT security consists of technical and administrative elements

The technical aspect covers server networks, devices, and unprotected objects. The work revolves around identity and access management that passes through these different layers. Most of the technical security is standardized, but when the environment changes – like now with the shift to cloud – it requires active implementation of new systems and practices. 

The administrative side of information security concerns the management and production of information security services and is based on the ISO 27001 standard. This includes requirements related to the company’s Security Information and Event Management (SIEM) system and the execution, upkeep, and development of related practices. Monitoring is the third pillar that allows the administrative side to react to different situations. 

Operations in several countries benefit from international capabilities in information security. On the one hand, threats need to be identified on a global level, but at the same time, varied local legislation sets country-specific requirements. Heikki and Jari acknowledge, that all barriers can theoretically be breached. Therefore, preparedness and visibility to what’s happening within and around the organization’s information infrastructure is key to avoiding incidents.  

Technology is a big part of the success, but aware people in both IT and business play a key role in the organization’s information security. Caverion is increasing awareness for instance with recurring information security trainings that prepare employees across the organization to better risk management in their daily decisions. 

“The key in risk management is to be systematic about collecting information from different sources, and then analyzing, auditing, and monitoring it in a centralized manner.” 

– Jari Törmälä, Information Security Officer, Caverion

Shielding operations from threats with SIEM and SOC 

The collaboration between Caverion and Capgemini centers around the Security Information and Event Management (SIEM) system, which forms the hard core of Caverion’s information security capabilities.

SIEM enables Caverion to identify information security threats before they have a chance to cause disruptive incidents. It does so by monitoring and analyzing potential events in real-time. The system also tracks and logs security data for compliance and auditing purposes. 

“Our biggest push has been the development of monitoring capabilities; SIEM enables us to collect and analyze data centrally in a logging system, and to build alerts and other highly automated analytics. Our visibility to the state of information security, at any given moment, has increased significantly when working with Capgemini.” 

– Jari Törmälä, ISO, Caverion 

Running 24/7 alongside Caverion’s SIEM is the Security Operations Center (SOC), which reacts to alarming signals with fine-tuned processes. The SOC team consists of Capgemini’s information security experts, who have broad visibility to the global state of cyber security but also know the specifics of Caverion’s industry. The Security Operations Center’s primary responsibilities include analyzing log data, ensuring continuity and compliance, and responding to incidents.

“Operative information security is a stream of incoming triggers and alarms handled by heavy IT. Our Capgemini SOC setup makes sure that the relevant ones are noticed early on and managed appropriately. Our tech and human capabilities have improved a lot, which means we have been able to avoid many problems.” 

– Jari Törmälä, ISO, Caverion 

This complete set of people, technology, and processes provides preventative protection and minimizes the likelihood of unwanted surprises. But eventually, something will come up. In those situations, Caverion can rely on the interplay between SIEM and SOC to mitigate risks threatening the business. 

“Our global reach enables us to detect and flag anomalies very fast, wherever they come up. The benefit to Caverion is an ability to coordinate a response to the potential threat before the company is targeted with malicious attacks.” 

– Mika Tuohimetsä, Head of Cloud Infrastructure Services, Capgemini Finland

The investment is returned as improved business continuity  

The top priority for Heikki and Jari is to ensure disruption-free continuity for the business. Rather than developing information security for IT, Caverion’s IT is a central enabler for other departments. Experiences after several years of cooperation reflect the meaning of the positive impact.

“We have succeeded well. Nowadays, we are better equipped to assess and mitigate risks, predict anomalies, and proactively prevent issues before they become a problem. By being well prepared, we save resources in having to solve problems before they cause issues – like people not being able to read their emails.” 

– Jari Törmälä, ISO, Caverion 

“The impact can be summed up as improved threat prediction and incident management. We can confidently say that we see what is happening within and around our information infrastructure.” 

– Heikki Linnanen, CIO, Caverion 

Visibility to threats and the readiness to proactively safeguard against known vulnerabilities is immensely valuable. Jari estimates, that the investment has paid for itself, when estimated as avoided incidents and achieved continuity. At the same time, Caverion’s information security trainings have increased awareness across the organization, and in preparing employees to assess risks and adjust their decision-making accordingly.  

“Information security and related architecture is so critical to the business, that we must control the foundations. Capgemini plays a key role in implementing the architecture. Especially the SOC provides us with a lot of expertise that would otherwise be difficult to obtain.” 

– Heikki Linnanen, CIO, Caverion

Feedback on the partnership 

Having worked together for over 5 years, the teams at Caverion and Capgemini have witnessed the value of the partnership in many instances. On the other hand, information security is an area where ‘no news is good news’.  

“In a long partnership like this, true service quality is revealed when the people change – this shouldn’t affect the service. Capgemini has done well in this regard. A key person has changed once in 5 years, and everything went smoothly.” 

– Heikki Linnanen, CIO, Caverion

“We can rely on Capgemini to provide us with expertise that would be difficult to attain on our own. They bring to the table deep technological knowhow combined with understanding of Caverion’s business environment. Whenever something comes up, Capgemini is quick on their feet to resolve the issue in order to bring us back to business-as-usual.” 

– Jari Törmälä, ISO, Caverion

Heikki and Jari’s work involves observing the state of security close by, which can at times make one a bit blind to new risks and opportunities. A critical third party that challenges things with fresh thinking is key to staying on top of the situation. 

“I see Capgemini as a reliable and capable partner with great service quality. With this partnership, we have taken leaps forward in maturity. The information security management services have brought ease and reliability to our organization, and personally, it’s good to feel that things are in order.” 

– Jari Törmälä, ISO, Caverion

“Jari summed up the sentiment well. In my experience, IT security management represents top class in Capgemini’s service portfolio.” 

– Heikki Linnanen, CIO, Caverion

Future views on cyber security 

The fact that things are under control now, does not mean that the work is over. Information security develops at an accelerating pace, but this goes hand in hand with the sophistication of attacks. Heikki and Jari see a couple of predominant shifts coming in the near future: 

“One big development is the move towards zero trust security models. This means that previously trusted devices should always be verified, even when connected to a permissioned network. This can include different layers based on network and device, but in general, all use becomes more controlled and requires stronger authentication. 

In the next 5 years, we’ll also see a mass migration from hardware to software, which brings an exponential increase in the importance of cyber security. Cloud-based technologies add flexibility and make solutions like VPN and MPLS obsolete. In the future, identity defines access and rights.” 

– Heikki Linnanen, CIO, Caverion 

“Another ongoing trend is automation – everything is automated to the extent possible. For instance, in monitoring, artificial intelligence or a set of defined rules will block suspicious activities. Time is money here. The faster we can react, the smaller the damage. There’s pressure to get AI into use, because the ‘bad guys’ will be using it, too.” 

– Jari Törmälä, ISO, Caverion 

We share the view that information security management will only become more central to Caverion’s success in the future.

“There really is no other option than to keep developing defences. The information security landscape moves fast, as does Caverion’s industry. What was done 5 years ago is already outdated, and nobody can see what’s coming 5 years from now. We look forward to supporting Caverion’s business continuity as a trusted partner in years to come, whatever the times throw our way.” 

– Juha-Pekka Kohvakka, Head of Projects & Consulting, Cloud Infrastructure Services, Capgemini Finland 

Contact us for more information

Mika Tuohimetsä

Head of Cloud Infrastructure Services, Capgemini Finland
Helping clients to secure business continuity and continuous improvements by using modern technology, automation and Cloud approach, with proven transformation capabilities and expertise of the whole Capgemini group.

Juha-Pekka Kohvakka

Engagement Director
Experienced Engagement Director with a demonstrated history of working in the Information Technology Services industry. Skilled in Global Delivery, IT Service Management, IT Strategy, Project Portfolio Management, and all lifecycle aspects of IT-outsourcing.
    First name is not valid.
    Last name is not valid.
    Company is not valid.
    Email is not valid.
    Message is not valid.
    Thank you for your message. We will reply as soon as possible. While you wait, perhaps get to know our services in information and cybersecurity.

    We are sorry, the form submission failed. Please try again.