In times of increasing cyber threats, IT security is no longer optional, but a must. BOWE is a machine manufacturer and provider of intelligent automation and IoT solutions. For the company, one thing was clear: if you are serious about digitalization, you have to secure the basis. That's why the company launched an initiative in 2023 to future-proof its digital infrastructure. At the heart of this was the establishment of its own Security Operations Center (SOC) suitable for SMEs. BOWE has enlisted the support of Possehl Secure.
Initial situation: Transformation of the company, yes – but safely
BOWE has been investing specifically in digitalization for years – from automation solutions and data analysis to interconnected platforms. However, digitalization not only brings opportunities, but also risks: ransomware, industrial espionage and targeted attacks on OT environments are also increasingly threatening medium-sized structures.
BOWE's digital transformation is an important topic for the future – and it can only succeed on a secure foundation. We recognized early on that IT and cybersecurity cannot be viewed in isolation, but must be an integral part of our overall strategy.
The goal: security architecture at an industrial level
The IT department headed by Michael Scharpf is responsible for the IT security of the entire BOWE Group (consisting of more than 25 companies) and has always attached great importance to a well thought-out security concept. The team had already designed a comprehensive security strategy and set up the corresponding solutions.
Due to the high awareness of security in a complex company, IT concluded that a holistic strategy with professional support would be a sensible addition, despite the solutions already in place, also to relieve the small team. They wanted to critically scrutinize their existing strategy and uncover any weaknesses.
In order to position itself for the future and to be able to continue to meet all challenges with the existing team, the focus was therefore on setting up a Security Operations Center (SOC), which:
- Continuously monitors the IT environment
- Detects attacks at an early stage
- Enables effective responses
- and fulfills legal and insurance requirements
It was important to find a solution that was not only technologically convincing, but also organizationally suitable for SMEs – scalable, comprehensible and easy to implement.
The solution: A SOC that suits SMEs – with Possehl Secure
As part of the Possehl Group, Possehl Secure combines technological expertise with a deep understanding of the needs of medium-sized companies. The collaboration with BOWE Group began with a pentest (simulated attack) to uncover initial gaps or weaknesses in the existing security concept. This was followed by a rapid risk assessment (RRA) or CIS assessment (security policy check using an international standard as an example), which was then carried out for all sister companies within the Group in accordance with jointly defined standards.
Together with BOWE, Possehl Secure used the results of the assessments to develop a blueprint for the security strategy for the coming years and the technology required to implement it. This blueprint was then translated into individual projects.
In an initial SOC workshop, all important parameters for the design of a SOC architecture, including the transfer of the existing environment, were clarified. A modular and practical Security Operations Center (SOC) is being developed for BOWE, which includes a fixed pentesting contingent, vulnerability management, endpoint detection & response, security information & event management and incident response – mainly organized as a managed service by Possehl Secure.
The solution was developed strictly in accordance with the proven security standards of the NIST Cybersecurity Framework and CIS Best Practices and is specially tailored to medium-sized structures.
The result: continuous security and transparency
Now that the new SOC has been set up, BOWE will be able to detect, analyze, and respond to IT incidents in real time. The collaboration with Possehl Secure ensures that:
- Software-supported monitoring, analyzed by experts
- Transparent processes, documented measures
- High resilience with reduced effort for your own IT team
Mit Possehl Secure haben wir einen Partner gefunden, der unsere Sprache spricht – technisch wie organisatorisch. Das SOC ist für uns ein Meilenstein in Richtung digitaler Souveränität und Sicherheit.
Strategic contribution to digital resilience
BOWE is an example of how cybersecurity can succeed in SMEs: with a clear objective, realistic use of resources, and a reliable partner at your side. The project not only serves the company's own security – but also serves as best practice for other companies in the industrial SME sector.