Case Study

Damen docks with Palo Alto Networks to add trusted confident cybersecurity

In brief

Customer

Damen

Partner

ON2IT

Industry

Shipbuilding

Featured Products and Services

Shipbuilding, ship repair, and related services

Organisation Size

12,500 staff; 35 locations worldwide

Location

The Netherlands

Challenges

Shipbuilding yards around the world relied on individual local security platforms, increasing complexity, risk, and costs.

Requirements

    • One connected global cybersecurity strategy across all 35 shipyards.
    • Complete, shared security visibility.
    • Safeguard 7,000 endpoints from any vulnerabilities.
    • Enable secure, fast, seamless remote connectivity in any shipyard.

Solution

Palo Alto Networks portfolio, incorporating:

Network Security platform, consisting of ML-Powered Next-Generation Firewalls, Cloud-Delivered Security Services (Threat Prevention, Advanced URL Filtering, and WildFire), Panorama, and Prisma Access; Cortex XDR
Introduction

Achieving better security outcomes

Damen’s cybersecurity strategy was sailing into a storm. Across five continents, the Dutch maritime organisation’s 35 shipyards and repair facilities each relied on their own local security strategy. Although this decentralised approach safeguarded the business from threats, the inherent complexity was difficult to manage, increased risk, and led to unnecessary overheads.

It was time to rethink the strategy and deliver modern, trusted cybersecurity using one unified portfolio.

CHALLENGES

Sailing a course for cybersecurity

Damen provide maritime solutions through design, shipbuilding, ship repair, and related services. Headquartered in the Netherlands, the family-owned €2.5 billion organisation has 35 shipyards worldwide, from which it most recently delivered 143 ships.

Cybersecurity has evolved fast at Damen. Previously, each of their 35 locations operated its own bespoke security strategy. Separate platforms were deployed locally to meet local demands, including operational technology used in shipbuilding and general IT support systems for finance, HR, and other functions. Although this approach safeguarded regional operations, there was no common global security operating model.

Hans Quivooij, Chief Information Security Officer, Damen explains, “Each entity determined its own network and endpoint security model. This was inefficient and led to considerable pressure on the local IT teams. Network administrators were busy putting out fires, keeping the network running. We wanted them to focus on strategic, value-add security matters.”

Damen operate approximately 7,000 endpoints across 35 shipyards in five continents – and all required resilient defence. “Our shipyards increasingly rely on digital manufacturing and repair techniques,” says Quivooij. “Even one hour of outage would halt manufacturing. We couldn’t let this happen.”

Because Damen’s shipyards build whatever vessels local customers require – from offshore energy supply ships in Romania to oil and gas support ships in the Middle East to defence vessels in the Netherlands – Damen employees are continually travelling between locations to monitor and manage shipyard build and repair work. That requires optimised remote connectivity.

“We build ships wherever the customer needs. People need secure, fast, and reliable connectivity. They don’t want to waste time with a complex connection – that would impact our agility and quality of service,” says Quivooij.

"People need secure, fast, and reliable connectivity. They don’t want to waste time with a complex connection – that would impact our agility and quality of service."

–Hans Quivooij


Chief Information Security Officer, Damen

REQUIREMENTS

Network-wide Zero Trust strategy

Quivooij travelled to Damen shipyards worldwide, evangelising the value of common, unified security – the requirements of which were to:

  • Introduce a single, connected global cybersecurity strategy across 35 shipyards.
  • Create centralised security control and command as part of a managed security operations centre service.
  • Provide complete, shared visibility into security infrastructure, threats, and alerts.
  • Make certain all 7,000 endpoints were safeguarded from known and unknown vulnerabilities.
  • Enable secure, fast, seamless remote connectivity in any shipyard.
SOLUTION

Managed security minimises risk

Damen have deployed a complete, connected Palo Alto Networks portfolio to deliver best-in-class continuous threat inspection across all users, applications, networks, and devices. The solution seamlessly integrates Palo Alto Networks Cortex XDR, with the Network Security platform of ML-Powered Next-Generation Firewalls (NGFWs), Cloud-Delivered Security Services (CDSS) – Threat Prevention, Advanced URL Filtering, WildFire – Panorama and Prisma Access. The visibility and control offered by Palo Alto Networks ML-Powered NGFWs and Prisma Access solutions simplify Damen’s cybersecurity while raising the protection bar.

The Palo Alto Networks Cloud-Delivered Security Services are natively integrated, offering consistent best-inclass protection across the board. Backed by Palo Alto Networks world-renowned Unit 42® Threat Research team, this gives Damen one-of-a-kind protection. By using the network effect of 70,000 global customers, intelligence from all threat vectors can be shared – stopping known, unknown, and zero-day threats 180X faster than any other platform or point solution.

The portfolio is deployed and managed by ON2IT, a leading Dutch-managed security provider. Marcel van Eemeren, ON2IT’s CEO, explains, “We’ve been big fans of Palo Alto Networks for many years, steadily watching the company evolve into the preeminent provider of connected cybersecurity technologies. When Damen approached us, we immediately recommended Palo Alto Networks.”

“We trust ON2IT,” says Quivooij. “Their cybersecurity vision, maturity, and experience have accelerated our journey to a Zero Trust architecture.”

ON2IT’s 24/7 SOC gives Damen trusted “eyes on the glass”: managed security that frees their IT resources to focus on strategy rather than administration. “We are monitoring millions of events every day for Damen, but only one in about 250,000 requires manual intervention,” says van Eemeren. “The rest are automatically dealt with using our EventFlow technology.”

The network security platform – ML-Powered NGFWs, CDSS, and Prisma Access – all balance security, simplicity, and performance, ensuring any Damen user can work without restriction from anywhere. “Prisma Access is plug-and-play,” says van Eemeren. “We can create a secure network in a new location in the click of a finger. It doesn’t matter if a Damen employee is working in a Starbucks coffee shop in Amsterdam or a shipyard in Vietnam, they receive the same great experience.”

Cortex XDR stops breaches with complete endpoint visibility, allowing a coordinated response by ON2IT using playbook-driven automation to speed incident response and investigations. “Cortex XDR was the best decision we ever made. All security data is collected in one place for full visibility and faster investigations,” says Quivooij.

"We’ve been big fans of Palo Alto Networks for many years, steadily watching the company evolve into the preeminent provider of connected cybersecurity technologies. When Damen approached us, we immediately recommended Palo Alto Networks."

–Marcel van Eemeren


ON2IT’s CEO

BENEFITS

Ensuring safe shipbuilding and service

By standardising on the Palo Alto Networks portfolio, Damen are preventing data breaches by eliminating implicit digital trust with a Zero Trust approach. The benefits include:

  • Secured global manufacturing: Damen can continue their shipbuilding programmes, confident that people, data, applications, and devices are secure. “We don’t have issues with end users anymore. Questions like, ‘Can we trust this endpoint?’ or, ‘How can we get a secure connection for this project in Canada?’ have evaporated,” says Quivooij.
  • Increased efficiency: The unified portfolio has rationalised Damen’s fragmented security platforms, slashing complexity, cost, and resources. Each region operates its own security blueprint, based on Palo Alto Networks. “We recently set up a new shipyard in a Canadian parking lot to deliver a ship. We had project supervisors and other staff live on reliable, safe connections in just a few hours,” says Quivooij.
  • Boosted productivity: Advanced SOC automation monitors networks, manages alerts, and supports realtime response to prevent cyberattacks. “Our workstation reinstall rate has dropped by 90% using Palo Alto Networks.”
  • Transformed security awareness: According to Quivooij: “Security is now ingrained everywhere. People are vigilant. By partnering with Palo Alto Networks, we are enabling the ‘human firewall’.”

Quivooij concludes, “Damen builds the best vessels in the world. To do that, we are continually sharing our knowledge worldwide with a wide variety of trusted partners – for example, to deliver vessel automation or propulsion systems. Together, the Palo Alto Networks portfolio and the ON2IT managed service deliver a Zero Trust architecture, ensuring safe shipbuilding and service.”

For more information, visit us online and discover how other customers are partnering with Palo Alto Networks to secure their own digital transformation.