Carlsberg secures 25,000 devices globally with GYTPOL Validator hosted on Azure cloud

Established in 1847 by brewer J.C. Jacobsen, the Carlsberg Group has evolved into one of the world's leading brewers. The company has constantly sought to transform and improve the brewing industry, prizing long-term growth over short-term gain. Today, Carlsberg manufactures over 700 types of beer. 

Like many enterprises in the modern age, Carlsberg faced the growing challenge of cybersecurity risks. After the 2017 WannaCry ransomware vulnerability incident, the company began revamping its cyber security protocols. This included improving defensive technologies, incident response, endpoint protection, operational technology security and vulnerability management. In addition to this, Tal Arad, Chief Information Security Officer and Head of the Technology Foundation at Carlsberg, knew there was more he had to do. “I wanted to change the paradigm of how security works in a big organization, so I started exploring new companies with innovative technology,” he says. 

Targeting a key problem

To revamp its security, Carlsberg decided on the GYTPOL Validator to resolve an important issue—device misconfigurations. “About 80 percent of malware, virus, or ransomware incidents actually occur due to device misconfigurations, though this is often overlooked by many companies,” says Tal Kollender, CEO and Co-Founder of GYTPOL. 

GYTPOL, a cybersecurity solution provider headquartered in Israel, gained rapid market growth thanks to the support it received from the Microsoft for Startups Pegasus Program. Placing its solutions on the Azure Marketplace enabled GYTPOL to reach large companies like Carlsberg to meet the exact needs of the leading brewer. 

“The GYTPOL Validator was created to change how organizations protect themselves by complementing what Microsoft already offers,” shares Kollender. “We enable customers to not just discover misconfiguration risks, but also set up auto-remediation to resolve these issues without impacting daily operations.” 

After an initial pilot program on 100 devices, the solution was deployed via Microsoft Intune and Microsoft System Center Configuration Management (SCCM) to 25,000 devices across the globe in 2022. The solution runs as a virtual machine embedded in a private Microsoft Azure cloud. 

This has been a game changer for Carlsberg’s cybersecurity measures. “We had tried a few different solutions before, but GYTPOL offered coverage that extended past our servers into all the devices in use, including laptops and additional technologies such as Azure Active Directory,” says Arad. “One year in, the solution has become a part of our standard image and is included by default when we deploy a new environment.” 

Elevating security through automation

With the solution in place, Carlsberg can automate remedial processes for both server and end-point device misconfiguration. “Maintaining our global IT environment is a massive task. Now we finally have a solution that reduces the time my team has to spend on this task,” explains Arad. “With our most recent automatic remediation, we have fixed a vulnerability on thousands of devices in one go, which would have otherwise taken us significant time and effort.” 

Arad's team is hoping to add more automatic remedies in the next few months—a move that will boost efficiency and help the team save many hours of time in the future. Fixes that often took a long time to put in place now happen much faster since everything is automated. “In the past, it could take weeks of effort from discovery until an issue was fixed. Now it happens on a much shorter timeline,” he says. 

Given Carlsberg’s expansive global operations, finding a solution that wouldn’t affect any of its daily business and manufacturing processes was critical. “With the traditional way of dealing with misconfiguration, you never know if it will mess up your entire company,” explains Arad. “Sometimes an issue comes up three weeks later and you don’t associate it with the changes you’ve made. With GYTPOL we are much more certain of risk-free mitigation.” 

Unlike traditional hardening methods, GYTPOL utilizes a proprietary remediation with zero-impact technology that functions continuously. For Carlsberg, this means that risks related to misconfiguration can be automatically mitigated while devices that use GYTPOL are continuously hardened.

Tapping into more potential

According to Arad, GYTPOL has been integral to the security strides the brewer has made. “They’re very responsive and pleasant to work with and when something is not working well, the support is almost immediate,” he says. 

Seeing how its cybersecurity has been enhanced, Carlsberg is committed to making its business more robust in this area. This includes potentially adapting the solution to work beyond IT infrastructure to operational technology (OT). “Unlike IT, OT is much more difficult to manage since they’re a lot more fragile. A lot of the activities that are fine in an IT environment can affect an entire factory. We’re working closely with the GYTPOL team to get to a point where I can also consider the GYTPOL Validator on some of these technologies,” says Arad. “At the end of the day, we want to be ahead of the curve when it comes to cybersecurity.”