Case Study

AutoStore Reinforces and Improves Cybersecurity with CYE

Download PDF
icon

Industry

Electronic Manufacturing

icon

Customer

Autostore

icon

Headquarters

Norway

icon

Countries

45+

About the Company

AutoStore™, founded in 1996, is a technology company that develops order-fulfillment solutions to help brands achieve efficiency gains within the storage and retrieval of goods. Its focus is to marry software and hardware with human abilities to create the future of warehousing.The company is global, with 1,000+ systems in 45+ countries in a wide range of industries. All sales are distributed, designed, installed, and serviced by a network of qualified system integrators called “partners.”

The Challenge: Assess Cybersecurity and Determine the Effectiveness of Security Supplier

As a leading automated storage and retrieval system solution, AutoStore is entrusted with clients’ confidential information and thus has always made cybersecurity a priority. As sophisticated world cyberattacks proliferated, however, the company decided to boost its efforts to ensure that the company was fully protected and secure.

As a result, CYE was brought on board to perform a comprehensive baseline assessment that would check the effectiveness of AutoStore’s third-party security supplier. The results provided AutoStore with more visibility into its cyber posture and how it could be improved.

“The baseline assessment sharpened our focus in terms of cybersecurity. It made us aware of potential cyber threats. What was helpful and valuable was CYE’s ability to contextualize cybersecurity. Being able to show management real vulnerabilities was a game changer.”   

Oscar Lindberg, Chief Information Officer, AutoStore

The Solution: Expert Mitigation, Hands-On Security Management, and Awareness Programming 

Following the baseline assessment, CYE began working on improvements, performing company-wide security awareness training, and training an in-house security officer who managed and oversaw third-party security vendors. Together, these processes resulted in a new standard of cybersecurity for the organization.

Mitigation

“When doing the security assessment, CYE recommended remediation routes and suggested applicable solutions. That put us in a good position to remediate,” said Oscar Lindberg, Chief Information Officer at AutoStore.

Ivar Fjeldheim, Captain of Innovation at AutoStore, was impressed by CYE’s commitment to an executable action plan that took care of the most critical cyber gaps first.

“Working with CYE made us aware of low-hanging fruits that were easy to fix. That gave us immediate results,” he said. “There were some easy tasks that CYE suggested that didn’t really cost any money. It was just the process of doing it, but once done, you could see they really worked.”

Fjeldheim also appreciated CYE’s commitment to meeting the company where it was. CYE’s effective, tailored mitigation advice was based on the resources the company had and the most likely threats that it faced. CYE did not scrutinize AutoStore’s resources or demand that it put more money towards security tools and services. Rather, it took stock of what security measures the company was using and worked to make the most of them.

Software Security Management

Once the ball got rolling, the company needed to maintain its newly achieved security posture. This was made possible by using CYE’s support and investigation services that ran security checks on products as a built-in step in their development. This meant that security was being integrated into the company’s new products from their inception. CYE also regularly checked the embedded software used by the company, safeguarding against cyber gaps in third-party apps infiltrating the company’s systems.

Security Awareness Training

While CYE was initially brought in merely to pinpoint the security challenges the company faced, its support was also important to raise security awareness throughout the company.

Lindberg added that CYE’s help in “contextualizing the threats” was critical in developing the company’s threat intelligence, which helped them stay ahead of the game.

“You can put up a firewall or a technical solution, but that won’t protect you if the overall awareness needs to improve. We’ve developed a built-in awareness of security that CYE hammered into us after several years of working together.”

Ivar Fjeldheim, Captain of Innovation, AutoStore

The Impact: Elevated Cybersecurity Maturity and Awareness

With CYE’s help and guidance and through AutoStore’s commitment to making security a priority, the company has reinforced and improved its cybersecurity maturity. With CYE’s help, security maturity levels rose well past the industry standard—a direct result of the awareness level that CYE brought to security on a company-wide level.

“Working with CYE has been an investment in strategies and methodologies implemented into the workplace. The investment is in the brains of our workers. It’s not a tangible investment that you can see, like millions of dollars’ worth of equipment, but its value far outweighs more security tools.”

Ivar Fjeldheim, Captain of Innovation, AutoStore