Sicra Header Logo
  • Careers
  • About us
  • People
EnglishNorsk
Talk to us
  1. Knowledge
  2. Insights
  3. Customer stories
Customer stories
27.01.2024
min read

Removed a false sense of security at Montel

When Sicra looked under the hood, the top executive got a surprise. This led to new attitudes towards security.

<span id="hs_cos_wrapper_name" class="hs_cos_wrapper hs_cos_wrapper_meta_field hs_cos_wrapper_type_text" style="" data-hs-cos-general-type="meta_field" data-hs-cos-type="text" >Removed a false sense of security at Montel</span>
Editorial staff
Editorial staffAuthor

Montel is a Norwegian provider of insight and information to the European energy markets. The company sells subscriptions to news, data, and analysis, real-time market prices, and weather forecasting services to over 1600 large companies in more than 30 countries.

CEO Tom Nyblin has been with the company since 1994. In 2021, they started a process to attract growth capital. This led to an extensive due diligence process.

- We had grown to 100 employees and 100 million in revenue and were at a crossroads. We needed capital and a partner who could help us seize the many exciting opportunities in the energy market related to decarbonization and the green shift in society, says Nyblin.

Security wasn't good enough

One of the areas that needed particular scrutiny was IT security.

- We received IT services from a well-renowned Nordic listed company, and they were responsible for security and infrastructure. They assured us that we were their best-secured customer. This assurance was important to us as we handle large amounts of sensitive data, says Nyblin.

Nevertheless, during the audit process, it was decided to take an extra look at the IT security itself. Sicra was recommended and given the task of taking a closer look under the hood.

- Sicra quickly revealed that the security was far from satisfactory. On a scale from 0 to 10, we were at 4. That's not good enough, especially in a time when the threat landscape has become much worse, says Nyblin.

Machines and systems were Not updated

This was the beginning of a hectic period that lasted 3-4 months. The entire infrastructure was mapped out, and Sicra first carried out improvements to eliminate the many vulnerabilities and then worked on implementing better security measures around the infrastructure.

- Sicra started analyzing all traffic in and out of our systems. We saw that there was a lot of traffic inside the system that we couldn't identify, but fortunately, it turned out not to be anything dangerous. Then they found some major security holes.

Among the worst challenges were machines and systems that had not been updated for a long time. It was also unexpected for Nyblin that no one checked the traffic out of the systems.

- Sicra recommended, among other things, that we invest in a new firewall from Palo Alto Networks, he says.

Building more robust and secure services

The work meant that Montel got rid of a lot of old technical debt and chose to reprogram and rebuild systems from scratch. The process is described as costly and time-consuming but also important.

- We can scale much better now and have more modern systems that support growth.

The work to secure the infrastructure meant that much work on developing new services was put on hold. Nyblin is happy about that today.

- It's better to be safe than sorry. I don't think we've lost much. The infrastructure and services we are building now are more robust and secure.

He sees it as a strength that Sicra exclusively delivers senior expertise with long experience.

- Sicra has been very good, precise, and has a high level of knowledge. They have helped us take giant steps with security work and equipped us to make much better choices.

That Sicra has slightly higher hourly rates than comparable players doesn't bother him.

- It's good to have a supplier who only offers skilled people. We know that the best expertise is the cheapest over time because good consultants spend fewer hours solving the task.

Energy markets Are more exposed

After the initial phase was completed, the war in Ukraine broke out. The fact that energy then became geopolitics significantly worsened the security situation.

- In practice, we are at war, and especially the energy markets in Europe are under heavy pressure. We have continued the good cooperation with Sicra throughout this period. They have been an important resource for keeping us at a good security level, says Nyblin.

The work in the subsequent phases has been particularly related to compliance, the introduction of better security routines, and working on security culture from the owner to the board, management, and throughout the organization.

- Sicra has worked closely with our skilled team in the IT department. We have, among other things, acquired more procurement expertise so that we make better choices. This allows our internal team to devote more of their time to strategically more important tasks than management and operations, he says.

Hiring their own CISO

Since new owners came into the company, Montel has tripled its revenue and more than doubled the number of employees. This has also created new needs in the organization.

- We have appointed our own head of IT security (CISO) with a direct reporting line to me, and we are also hiring more dedicated security experts in the IT department.

Over these two years, Nyblin has gone from being aware of security to taking personal responsibility for ensuring the company is well protected. Sicra is still on the journey as an advisor and facilitator of security that helps create new opportunities in the Montel group.

- Security is a board responsibility. It's something I, as a leader, prioritize highly, and it's fun to work with when we succeed, concludes Nyblin.

Explore more

Oslo Taxi secures the platform with Sicra and River Security
Customer stories

Oslo Taxi secures the platform with Sicra and River Security

Even taxi companies must think like technology companies. For Oslo Taxi, IT security is about more than firewalls – it’s about protecting transactions for large amounts and a premium brand in a changing industry.
Malling wanted a security review of their M365 environment
Customer stories

Malling wanted a security review of their M365 environment

The security review from Sicra provided Malling with the foundation to improve their own security.
Ransomware attack caused headaches for one of Norway's largest chains
Customer stories

Ransomware attack caused headaches for one of Norway's largest chains

Sicra provided both a complete security solution and a comprehensive segmentation plan.
– It’s simply amazing to work with such competent people
Customer stories

– It’s simply amazing to work with such competent people

When Techstep brings Sicra consultants to client meetings, there is an expectant buzz around the table.

Tailored cybersecurity for institutions and enterprises that allows for innovation, growth, and fearless performance.

Get in touchCall us +47 648 08 488
Stay updated
Receive the latest news

Links
SustainabilityFAQPartnersCertifications and awardsCareerPress & brand
Contact

Tel: +47 648 08 488
E-mail: firmapost@sicra.no

Tollbugata 8, 0152 Oslo. Norway

Follow us on LinkedIn
Certifications
iso27001-white
ISO 27001 compliance
miljofyrtarnlogo-hvit-rgb
Eco-Lighthouse
Sicra Footer Logo
Sicra © 2024
Privacy Policy