Good nutrition in a cyber secure way

Hero Group

Mention the name Hero and you immediately think of Cassis, jam, baby food or toddler food. This international organisation is active in Europe, North and South America, North Africa and Asia, among other regions. Even so, the family feeling still plays a central role in Hero’s operations. That also means a safe workplace, both physically and digitally. For digital security, Hero relies on the experts at Tesorion.

Read more
Clip path group@2x

Good nutrition in a cyber secure way

Customer Story

With offices around the world, the availability of ICT and data integrity are essential to enable the production of various food products. Business processes such as production, planning and logistics systems must go ahead smoothly. Disruption of one of these processes can cause a lot of delays and problems in the rest of the chain. Of course, this must be prevented. In recent years, Hero has therefore invested heavily in both the standardization and security of its systems.

Information security as a starting point

Erwin Kooiman, Head of Competence Center Information Security at Hero, says: “More than five years ago, we felt the need to formalize the information security policy. The approach to Kahuna at the time appealed to us. When Kahuna was taken over by Tesorion, we went along. Information security is a lot about trust, and we have that trust in the people at Tesorion. In addition, scale and cultural fit also play a role.”

Once the policy side had been set up, it was time to translate the policy into concrete measures. “We mainly grew from acquisitions. That means a lot of separate organizations with their own equipment and applications. We are increasingly bringing these together step by step. For example, if a replacement request occurs for a business unit, we are increasingly trying to consolidate it. For example, we are increasingly in control of the infrastructure, which in turn helps to increase cyber security.”

From data to information

Step by step, taking into account the growth of the organization, security maturity grows. “We wanted a more structured process that brought all security reports together. Simply put, we wanted an efficient way to turn all available data into information. By consolidating the data, we can make connections between separate reports. The ability to correlate this data allows us to quickly identify relevant incidents and filter out the “false positives”. Bringing data together is therefore essential for us.”

Being able to ensure good cyber security is essential. A cybercriminal knows many different techniques to make use of weaknesses within an organization. From people as well as systems and applications. A compromised account can provide access to information that should not be accessible to third parties, or even parts of the production network.

Ensuring business continuity

Erwin: The continuity and integrity of our most important business processes is the most important to us. We always want to be able to guarantee that. We were originally a traditional production company, where we have defined risks related to the quality of our product in various risk analyses, processes and procedures. If there is doubt, we can completely reduce that. That is physical and tangible. Data isn't, which is why identifying and correlating data is so important to us to mitigate risks. For example, if our processes were to come to a standstill due to ransomware, this would cause a very large amount of damage. The financial risk, but also the damage to the name and reputation, is really significant in such a case.”

Bringing data together to get a 360-degree view of Hero's level of cyber maturity also requires attention to vulnerability and patch management. Consolidation and standardization are a practical consequence of this. “Of course, we also make use of vulnerability and patch management. After all, cybersecurity is not a one-off investment but a process that requires continuous attention. The developments are going so fast that it is impossible to manually keep track of which system should be provided with which patch, where a configuration error may have been made or which system may be running for a zero-day. As an organization, we are constantly learning here. That's why we don't just use these types of solutions as a detection tool. Together with a Tesorion consultant, we have regular reviews to see where we are making progress and where we can still improve.”

Conclusion

Recently, Hero also took the step to add SentinelOne for endpoint detection and response. This solution is designed to identify, correlate, and mitigate possible endpoint threats. The various solutions for network detection and response and endpoint detection and response are well connected. For example, insight into possible threats and mitigating opportunities grows in a clear way with Hero's mission: Beautiful products and safety in all possible areas within the organization.

Good nutrition in a cyber secure way

Expertise in this client case

Security Operations

EDR

With our Endpoint Detection and Response (EDR) services, we continuously analyze events on all endpoints and take action in the event of potentially suspicious behavior.

Security Operations

Vulnerability Management

Cybersecurity is an ongoing investment in the security of your organization. Vulnerability management helps your organization resolve vulnerabilities and configuration errors.

Security Operations

NDR

With Network Detection and Response (NDR), we monitor and detect malicious behavior and suspicious events at network level. We monitor both on premise, hybrid, and cloud traffic.

This is achieved with the managed detection service provided by the Tesorion SOC. Advanced technology combined with a security analyst monitors the network and systems. If there is a possible incident, the analyst will indicate which incidents to act on.”

Clip path group@2x
Customer Cases

Discover other customer cases

Plieger takes the burden off your shoulders, with an eye for detail and safety
Customer Case
Plieger takes the burden off your shoulders, with an eye for detail and safety

Plieger Groep

For more than 100 years, the Plieger Group has been a leading name in sanitary ware, heating, installation, air and ventilation, and electrical products. With a head office and distribution center in Zaltbommel, more than 70 express branches, and 20 showrooms, Plieger supplies a range of more than 150,000 items to small and medium-sized installers throughout the Netherlands. Plieger is known as a wholesaler that goes beyond simply delivering: this organization also goes the extra mile when it comes to digital security as well. John Smits, security system administrator at Plieger, explains why the company chose Tesorion’s managed firewall services.
How Highlite brought its cybersecurity to the highest level, with maximum control despite limited capacity
Customer Case
How Highlite brought its cybersecurity to the highest level, with maximum control despite limited capacity

Highlite

For over 30 years, Highlite has been active as an international distributor within the entertainment industry. From its headquarters in Kerkrade and offices in the United Kingdom, Italy and China, the company serves customers in more than 80 countries every day. With a fully automated warehouse of over 25,000 m² and more than 150 employees, availability and speed of delivery are central to its services. During the coronavirus pandemic, Highlite’s board saw major customers becoming victims of targeted cyberattacks. For them, it was a clear signal: this could happen to us as well. Time to take action. Cybersecurity therefore became a weekly topic on the board agenda.
View all
Ellipse 6