LANTMÄNNEN - Ensuring agile and risk-based security
Lantmännen is Northern Europe’s leader in agriculture, machinery, bioenergy and food products. Lantmännen has 10,000 employees, operations in over 20 countries and an annual turnover of SEK 40 billion.
The Challenge:
It is of utmost importance for Lantmännen, which operates worldwide, to have optimized decision-making based on risks and streamlined to support future growth. Since information is a critical asset for Lantmännen’s business progress and continuity, the company decided to develop an agile approach and invest in the automation of the GRC framework and related activities. In this way, cybersecurity can be an integrated part of their organization’s business processes and systems in order to ensure quality in business and to provide a basis for decisions about risks.
Lantmännen started a strategic initiative to ensure the right level of cybersecurity for its business processes. The company identified the need for a more agile and cohesive work approach regarding information security governance (GRC) and GDPR fulfillment. In addition, Lantmännen wanted to implement a global information security process to enable and follow up on information classification, compliance management, risk management and GDPR fulfillment. The initiative also aimed at integrating and automating the information security workflow and its activities, and to make security handling more effective.
Our solution:
In order for Lantmännen to reach an optimal solution for these challenges, it recognized a need for a tool-based solution. Nixu offered its wide expertise and helped to create methods and processes for the automation of Lantmännen’s information classification, compliance management, risk management and data protection workflow for the registration of processing activities. The solution also supports and automates the ability to measure and report information security status and KPIs.
Customer benefit:
With the help of the automation, Lantmännen now has the ability to manage information security in a better and more efficient way, and furthermore, the automated and efficient corporate governance ensures more agile and risk-based security protection.
“Lantmännen’s information security program started a new chapter January 2016, aiming to be a more business-centric partner with our diversified business operations – to support our goal to take responsibility from field to fork. One part of that chapter was to set clear roles and responsibilities within and between businesses and IT. Another was to make information security as simple, seamless, and integrated as possible. The development of an information security process was one important strategic deliverable in this new chapter where the GRC tool helped us realize and enforce the process globally. This has helped us to measure the information security program more efficiently in a company with 10,000 employees and operations in 20 countries. Throughout this journey Nixu has been a tremendous support to us and we really appreciate their expertise and professionalism.” Fredrik Pierrou, Head of Information & IT Security – CISO, Lantmännen Group