Founded in 1969 in Tyrol, the family-owned company is now a leading global manufacturer of decorative home and outdoor lighting, among others focusing on Smart Lightning. This means that the company is working on solutions for controlling luminaires simply and quickly via various smart devices.
EGLO is represented by 94 subsidiaries on six continents and employs around 5,500 people, more than 320 of whom work at the headquarters in Pill/Tyrol. The company has its own production facilities in Hungary, China, and India. The current production range comprises more than 8,000 articles, and around 1,000 newly developed products are launched on the market every year. In April 2023, “EGLO Lichtwelten”, the largest lighting store in Europe, was opened in Pill. The flagship store offers a special shopping experience on 7,500 m² of showroom space and 4,600 m² of outdoor facilities.
IT is controlled from the head office
There are around 1,800 PC workstations in the company network, which are controlled by a small team of currently 22 employees from the company headquarters in Pill. A major challenge is the networking of the production sites with the worldwide logistics systems and sales locations. Every day, 65,000 products are manufactured in-house, which must be delivered to the customers’ homes as quickly as possible.
Challenges in IT security
There is hardly an industry or company today that does not face cyber-attacks, regardless of its size. Ransomware attacks and phishing are the most common methods of cyberattack and are becoming increasingly popular because they can cause great damage with relatively little effort.
„Although there are virtually no trade secrets in the luminaire industry, we are nevertheless repeatedly confronted with phishing attacks, for example through fake WhatsApp messages,“ depicts Peter Lechner, Head of IT at EGLO, the situation.
In mid-2022, there was a cyber-attack that paralysed many parts of the company. IKARUS, the Austrian IT/OT security expert, came to the company’s attention through a recommendation from its long-standing partner A1. “In the event of an incident, every minute counts. The sooner you can get started with targeted measures, the better,” Peter Lechner recalls the situation at the time: “Already on the first day after the attack at night, there was a professionally organised crisis meeting with the experts from IKARUS and Mandiant, and we didn’t have to wait two or three days for something to happen.”
Subsequently, it was important to avoid panic and to involve the relevant departments in the company in the best possible way. In the follow-up meetings, the “next steps” could be determined. “The experts from IKARUS and Mandiant acted extremely professionally, even working at the weekend. After about 10 days, we were up and running again in the SAP area and were able to deliver“, Peter Lechner is relieved. If necessary, IKARUS draws on the expertise and cyber threat intelligence of the internationally active, renowned security company Mandiant, upgrades it with its own local attacker information and implements it with local manpower. IKARUS is proud of its long-standing partnership with Mandiant, which makes it possible to act worldwide in the event of a crisis.
Next steps: increased staff training and OT security are on the agenda
To protect against cyber-attacks, it is by no means enough to protect oneself with technical solutions such as virus protection, firewalls or intrusion prevention systems that are embedded in a multi-level security concept. The involvement of employees is the key to success.
Carelessness, inattention, or ignorance are mostly at play when insecure passwords are used, or malicious email attachments are opened. “This is exactly where we want to start, and we implemented a comprehensive 2-factor authentication at EGLO. We will soon implement further security training measures on a mandatory basis and at regular intervals,” Peter Lechner gives an outlook on upcoming activities. Another focus will be on strengthening OT security to protect the infrastructure and processes against cyber-attacks.