The company's operations and business are now secured against cyberattacks
IT security is now both up-to-date and future-proof at the large production company - and this means that the business does not risk serious breakdowns with large costs as a result.
kaastrup|andersen has helped a large manufacturing company to prepare and initiate the rollout of a completely new connectivity platform to secure the network – and thus the company's entire infrastructure and operations – against compromising cyberattacks that could potentially threaten the existence of the company.
Today, companies need to recognize that it is not a question of whether security will be threatened, it is a question of when. The consequences depend to a large extent on the security measures established in relation to connectivity: network connections in the broadest sense. And an IT network reaches far, from the company’s various locations (both production and offices) to employees' home workplaces and mobile devices, to external business partners and cloud providers.
Do you want to know more?
Challenge
The As-Is situation was a network built up over several years with network equipment which was gradually up to 10 years old – and partly even older. One of the issues in relation to safety was that some of the equipment had gone out of production (End of Service), so in the event of a hardware failure it was crucial that the company itself had spare parts and equipment in stock – and the skills to carry out the repairs. The outdated equipment would eventually become unusable and pose safety problems.
In order to maintain a continuously high level of security, it is necessary to update software continuously and frequently on all network devices. The company had not implemented a structured update of software, nor were more updates released by the manufacturers for the devices that had gone out of production.
The lack of security had the potential to develop into a critical situation for the company, which produces 24/7 and is highly dependent on connectivity: it can quickly become very expensive to have a prolonged, extensive breakdown of the network infrastructure and thus face lost production and perhaps missing deliveries to customers.
Solution
Prior to the project itself, risk assessments had been prepared, including financial impact analyzes of various scenarios for how the company's IT network could potentially be compromised.
Initial assessments showed that updating all network equipment in isolation was a large cost, but the cost was only equivalent to a few days of lost revenue if the company suffered a major network outage.
The goal of the project was therefore to prepare and begin the rollout of a completely new connectivity platform, which was part of a larger digitization plan at an overall company level. The aim of the new platform is high performance and operational stability and access to necessary services, with a continuous high level of security, based on the NIS2 regulation from the European Union.
The solution to the company's challenge thus involved implementing a connectivity strategy with several elements and characteristics:
- Lifecycle Management – continuous monitoring, updating and replacement of equipment
- Automated deployment and updating – all devices get new versions of software automatically, without disrupting operations
- Segmentation and flexibility – parts of the network can be isolated so that damage from possible attacks is limited, for example the use of local firewalls
- Cloud - ready – correctly configured and always updated firewalls that, together with segmentation, reduce the possibility of intrusion via cloud solutions
- Certificate-based Wi-Fi – only approved devices can connect to the company's Wi-Fi network
Another crucial aspect in managing and maintaining network security is user behavior. It is not enough to implement a technical solution: the users must be continuously trained and updated on how to use the IT systems in a secure manner. However, this was not part of the scope of the project.
Result
After completion of the rollout, the company will be left with several gains:
- Continuously high security everywhere in the network
- Increased security specifically around production
- Better cost overview and management in relation to software and hardware
- Effective limitation of the scope of a possible security breach, ensuring that entire production facilities do not come to a standstill
- Organizational framework, division of responsibilities and roles for both operational and strategic tasks
The company has closed the dangerous holes in IT security and at the same time has established a well-functioning, future-proof platform that ensures that both software, hardware and processes are always up-to-date and can withstand the increasing number of attacks on the IT network. This means that the operation and thus the business is now more secure – in both the short and long term – and the company avoids unpleasant surprises with unforeseen costs as a consequence.
kaastrup|andersen helped the customer through the process towards securing the business.
How is the level of security on the network in your company? Is the equipment and software up to date – and how many devices are connected via the network? And have you investigated how much damage a breach can cause? Contact us and let's look together at how best to strengthen your network so that it can cope with the many cyber challenges. Call or write to Tina Lykke Skafsgaard Hentze on 7027 7719 or tlh@kaastrupandersen.dk.
Do you want to know more?