Client
Weitzer Parkett is one of Europe's leading parquet manufacturers and Austria's market leader in the production and sale of parquet flooring and wooden stairs. Founded in 1831, the family-owned company is part of the Weitzer Group of Companies with a total of more than 740 employees. Around 3.3 million square meters of parquet are produced each year at the Weiz and Güssing sites in Austria and in Turopolje, Croatia. The company is represented in more than 60 countries worldwide via a distribution network. As one of the first parquet manufacturers, Weitzer Parkett has completely dispensed with the processing of tropical wood since 2009 and uses only domestic wood from sustainable forest management. Today, around 50 percent of the raw material used comes from within a radius of 250 kilometers.
Challenge
As in many manufacturing companies, IT systems at Weitzer Parkett are indispensable for communication, logistics and many manufacturing processes. In the worst case, a failure or disruption due to a successful cyber attack could bring the entire production process to a halt. Today, companies of all sizes and in all industries are coveted targets for cyberattacks. Not only the IT managers, but also the management of Weitzer Parkett are aware of the threat and the importance of robust IT security. However, with a total of seven employees and a wide range of tasks, the IT team is too small to be able to implement the topic of IT security 100 percent itself. To protect the systems and detect potential attack activities, the company previously relied on a "classic" endpoint security solution. Since the possibilities for comprehensive detection are limited here, IT security was to be expanded to include a solution that monitors all systems in the network. Unmanaged clients, for example, should be included so that those devices that do not have an endpoint client are also protected.
Initially, Weitzer Parkett's IT managers considered using a security information and event management tool for early attack detection. However, after in-depth research - and due to the limited personnel resources - a SIEM solution proved to be unsuitable: In addition to the high costs, the effort required for implementation and ongoing operation of the system was also too great.
Solution
Weitzer Parkett therefore decided to use Allgeier secion's Active Cyber Defense (ACD) service on the initiative of the managing director, Josef Stoppacher. The management had recognized the importance of the topic and proactively approved the time and budget required. The solution offered by the Hamburg-based IT security specialists provides effective network protection and requires significantly less financial and human resources than a SIEM.
ACD is a classic "managed detection and response service" (MDR) that proactively and continuously analyzes the corporate network for anomalies. If systems are compromised, Allgeier secion's ACD team takes immediate action, informs the customer's IT managers and provides concrete recommendations for action to avert potential damage from the attackers. The 24/7 Managed Service can be booked at a fixed monthly price and, as a lean but effective early warning system, helps to effectively secure the corporate network so that costly reactive measures can be avoided in the event of an attack.
Result
After a two-hour kick-off meeting with the IT security consultants from Allgeier secion, the implementation of the Active Cyber Defense Service went quickly with the help of the sensors provided: Andreas Goger-Rath, Head of Infrastructure & Security at Weitzer Parkett, needed a total of just two hours at the main site in Weiz and a further hour for each additional site. Shortly after the integration, the system already sounded the alarm.
Criminals attacked Weitzer Parkett by means of a Log4j attack: In doing so, they tried to exploit a critical vulnerability in the widely used logging library for Java applications. If the compromise had succeeded, the criminals could have gained full access and subsequently encrypted the systems using ransomware. However, the attack was detected early and Allgeier secion's ACD team informed the customer immediately. Thus, the attack could be stopped in time and the gap could be closed within one hour. By using ACD, Weitzer Parkett has achieved the highest level of network security and at the same time can permanently relieve its internal IT team.
"In personal and also technical terms, I have to pay a big compliment to Allgeier secion. Everything was right from the start. The ACD solution is very lean and was very quick to implement, so that we were online in just a few days. We are completely satisfied from the preliminary discussions to the implementation and the result. It's reassuring to know that our systems are being monitored externally 24/7 by a competent IT security partner. Sometimes you can be a little blind to what's going on. Now that no attacker goes unnoticed, we can all sleep a little better. To operate a similar service independently in-house would require two to three additional employees. In addition to the personnel costs, there would be costs for software and hardware, which would definitely break the budget. Early attack detection makes a lot of sense and it worked for us immediately after implementation. We are very happy to have ACD in place and can give a 100 percent recommendation to other companies."
Andreas Goger-Rath Head of Infrastructure & Security at Weitzer Parkett