Sustainably managing 10% of Austria’s entire national territory, Österreichische Bundesforste AG is the largest ecosystem caretaker and manager, the largest forest managing company and the largest owner of hunting and fishing licenses.
Forestry, real estate, service provision and renewable energies are the four pillars of the company striving to maintain a proper balance between its entrepreneurial pursuit of commercial success and environmental goals and community interests at all times.
A medium-sized company’s IT structure
Year after year, the necessity to establish comprehensive IT security management has been getting more and more obvious for Österreichische Bundesforste AG. The increasing complexity of IT security calls for existing mechanisms to be checked and improved, as well as for new protective measures to be implemented in view of continuously changing risk factors. A task that would keep at least three full-time IT security experts busy in the company employing a staff of about 1,000, according to Dr. Spatzenegger, Head of the ITM Department; highly specialized experts that the company didn’t have.
“We were acutely aware of the increasing complexity and diversity of security risks, and we were looking for a technically advanced solution to cover this diversity. Considering our medium-sized company’s IT structure, the thought of establishing a trust-based relationship with a service provider seemed expedient and appeared to make sense in terms of both content and economic efficiency.”
– Dr. Günther Spatzenegger, Head of ITM Department, Österreichische Bundesforste AG
Advanced solution, perfectly attuned team
During the long-standing customer relationship between Österreichische Bundesforste AG and Radar Cyber Security, the companies’ collaboration has intensified over the years. Radar Cyber Security checks security incidents on an ongoing basis and presents specific potential for improvement every month. Regular monthly meetings not only help to increase the effectiveness of the IT security management system, but also ensure that the people involved on both sides make up a perfectly attuned team.
The employees of Österreichische Bundesforste AG know how to handle the Radar Risk & Security Cockpit and are familiar with the clearly structured internal processes that have been established, and all those involved know what to do if an incident occurs. Meanwhile, all incidents can be verified and, thanks to internal databases, it is always clear which patch needs to be installed and when.
Best practice
Patch management is well-coordinated with the suppliers of Österreichische Bundesforste AG. One specific patch day has been mutually agreed that applies to all of them. On that day, tests are run, patches installed, and subsequently vulnerability scans are performed by Radar Cyber Security. Hence, the Risk & Security Cockpit is always up to date, since the necessary fine-tuning has taken place already.
