Flamingo Group International
NormCyber has been working with Flamingo Group International, the world’s largest grower of cut roses, since 2021 to help protect its global operations from cyber attack.
NormCyber has been working with Flamingo Group International, the world’s largest grower of cut roses, since 2021 to help protect its global operations from cyber attack.
Founded in 1982, Stevenage-headquartered Flamingo grows and supplies a wide range of fresh flowers, premium produce and plants to the UK’s major supermarkets as well as to retailers across continental Europe. The group of companies – which comprises Flamingo Horticulture, Omniflora, Afriflora and Bigot Fleurs – employs a team of more than 22,000 based in the UK, France, the Netherlands, Germany, Ethiopia and Kenya. As well as farming 1,300 hectares of its own land, it also works with 900 partner growers in 19 different countries to deliver the freshest products to market each and every day.
When it comes to cyber attacks, it is no longer a case of ‘if’ an organisation will be targeted by criminals but ‘when’, as Flamingo found out in late 2020, when part of its infrastructure was infiltrated by hackers. While the group was able to restore operations, some of its services suffered disruption.
This attack was a watershed moment for the organisation. To minimise the chance of something similar happening again, the group’s senior management team and investor, Sun Capital, spearheaded a strategic review into the way Flamingo secured its IT infrastructure. It was vitally important that the group was on the front foot in case of future attacks.
As a specialist in perishable goods, Flamingo must ensure all its flowers, plants and produce reach their destinations in peak condition, and in the shortest possible timeframe. Any disruption to this process – however short – could have a large financial impact on the business.
The nature of our business means we only have a short window of time to get our products from the grower to supermarket shelves; a journey that often spans continents. If a cyber attack or any other type of incident interrupts this distribution process, our produce and flowers go to waste, which comes with a big financial hit to us and our partners.
– Flamingo’s Head of Group IT Security & ComplianceAn additional challenge for Flamingo is that the group is made up of several business units, some of which joined via acquisition. Each acquired company came with its own technology stack and processes, with differing levels of cyber maturity. However, as all the sister companies now work closely together, an attack on one could have repercussions across the entire group. It is crucial that there is a consistently high approach to cyber security across all units.
Furthermore, Flamingo’s customers – Europe’s biggest supermarkets – place stringent demands on all their suppliers, as they are not prepared to take any unnecessary risks with their own supply chains. To win and retain these valuable, high-profile contracts, Flamingo must be able to prove that its security strategy aligns with industry best practices and that its infrastructure is robust enough to withstand future incidents.
“Our cyber security tools and controls come under close scrutiny whenever we begin a tender process,” continues Flamingo’s Head of Group IT Security & Compliance. “Having a robust security strategy has become absolutely mission-critical as we enter into discussions with their procurement teams.”
With only limited in-house resources, in early 2021, Flamingo took the decision to appoint a managed security service provider (MSSP) which could partner with the company to introduce best practices and provide round-the-clock services.
Sun Capital recommended NormCyber as it was already successfully providing specialist cyber security services to other companies within its portfolio. NormCyber was invited to participate in a competitive tender and was subsequently appointed by Flamingo to deliver its award-winning Cyber Security-as-a-Service (CSaaS) offering.
NormCyber’s initial focus was on Flamingo’s operations in the UK, the Netherlands and Kenya. Its expert team – led by Chief Technology Officer, Paul Cragg – baselined Flamingo’s cyber security posture in these three countries, and subsequently made recommendations about how to close any gaps posing a risk to operations.
As Flamingo’s Head of Group IT Security & Compliance says, “Having the CTO directly involved in the roll-out of the service was an excellent experience. The whole process was smooth and easy, and we saw an immediate, positive impact. Paul and his team did a fantastic job of keeping us informed of how the deployment was progressing and provided plenty of actionable advice on how we could improve and maintain our security posture.”
Following on from this initial success, Flamingo soon extended NormCyber’s scope of work. Today, it also provides services to business units in Ethiopia and Germany, so that operations across the wider group now follow consistent policies and procedures.
NormCyber’s managed service comprises a range of service modules that customers like Flamingo can select depending on their own unique security requirements. For Flamingo, these modules include:
With NormCyber, Flamingo has access to a multidisciplinary team of cyber professionals, each of who brings their own expertise to the table. This team includes a dedicated Focal Analyst, who is the first point of contact for Flamingo’s Head of Group IT Security & Compliance and the wider Flamingo team.
As Flamingo’s Head of Group IT Security & Compliance explains, “Our Focal Analyst has invested a great deal of time into understanding our different business units’ IT environments, as well as their processes and procedures. This means that – as well as being on-hand to answer any questions we might have – he often comes to us with proactive advice about how we can bolster our strategy. This could be instructions on which patches to apply, which tools to assess, or how to refine our processes. Because NormCyber understands how we work; its guidance is always practical and valuable.”
Flamingo have also worked with the Cyber Security Incident Response Team, following an unsuccessful attempt by hackers to gain access to one of the business unit’s networks. “The incident response team was extremely helpful, jumping into action to help us secure our operations and then undertaking thorough post-event forensics. The team played an instrumental role in fending off this attempted breach and its insights mean we’re now even better placed to withstand further attempts.”
Most recently, Flamingo began working with NormCyber’s compliance experts to achieve ISO 27001 certification, which will streamline the procurement process with its supermarket customers. As Flamingo’s Head of Group IT Security & Compliance explains, “We are now working closely with NormCyber to gain ISO accreditation, starting with three business units but eventually for all parts of the group. Once we’ve achieved this gold standard, bidding for big supermarkets’ business will become much easier. NormCyber’s assistance is important from both a strategic security and business perspective.”
Flamingo has also been keen to set metrics to measure the effectiveness of its new security strategy. At the outset of the relationship, the cyber risk management specialist undertook a spot check on Flamingo’s entire environment to identify all vulnerabilities. As As Flamingo’s Head of Group IT Security & Compliance sets out, “Once we had this baseline, we could set some goals about reducing the number of vulnerabilities in our environment. We continue to keep a close eye on this metric to make sure it’s always trending downwards.”
The group also recognises that good security requires much more than technology; it also relies on its colleagues and employees to adhere to safe computing practices. While the group has always run ad hoc training courses, with NormCyber’s Human Risk Management Service, employees now have access to bite-sized online courses and Flamingo can track and measure participation in these sessions.
Another key feature of NormCyber’s service is the Cyber Resilience Score, which provides Flamingo stakeholders with a real-time indication of the group’s cyber resilience. Covering technology, people and processes, Flamingo strives to ensure this score remains as high as possible, and consequently, is working in collaboration with NormCyber to make the metric even more valuable.
As Flamingo’s Head of Group IT Security & Compliance explains, “Whatever you measure improves, and that is certainly the case with our Cyber Resilience Score, which has become a strategic indicator of risk across our organisation. We’re now working with NormCyber to understand how future projects – for example, ISO compliance – will impact our score over time. This level of information will help build the business case for new tools and initiatives as we’ll be able to predict the difference they could make to our operations.”
The relationship between Flamingo and NormCyber continues to go from strength to strength. In addition to the ongoing ISO certification, Flamingo is also working with NormCyber to beta test new automated services, which will enable the SOC team to automatically mitigate threats without the need for Flamingo personnel to get involved.
For Flamingo’s Head of Group IT Security & Compliance, there are multiple benefits to the service: “The NormCyber team has been great from day one. They listen to what we want and adapt their services to meet our needs – it is a very collaborative relationship. What’s more, its service is delivered at a price point that is highly competitive, offering us tremendous value. Our experience has been so positive that NormCyber has now become the preferred cyber security provider for all Sun Capital portfolio companies, which is testament to the excellent service it consistently delivers.”