All Customers
Case Study
Gränges
Strengthening Industrial Cybersecurity and Resilience
How can an industrial manufacturer secure its internal IT environment against unauthorized access, misconfigurations, and data exposure while preparing for stricter compliance requirements?
Headquarters
Stockholm, Sweden (Finspång facility focus)
Website
www.granges.com
Sites / Employees
Global aluminium manufacturer, ~2,700 employees
Year Founded
1896
Cypro Services
Grey-box penetration testing of internal networks and Active Directory, zero-trust recommendations, dark web monitoring, vCISO and governance support, and incident response planning.
The Challenge
Gränges AB, a global aluminium leader, wanted to strengthen the resilience of its Finspång facility's IT environment, facing weak access controls, exposed data surfaces and internal misconfigurations.
Engagement Approach
- Network & Active Directory testing: simulating real-world attacks to uncover critical vulnerabilities.
- Zero-trust recommendations: stronger segmentation, authentication and privileged account management.
- Dark web monitoring: early detection of exposed credentials and external threats.
- Governance support: vCISO guidance, policy work and incident response planning.
Results & Impact
- Critical vulnerabilities fixed within 72 hours.
- Security maturity raised from 2 to 4 in three months.
- Incident handling established at group level.
- Strategic alignment with ISO/IEC 27001 and NIS2.
- Trust reinforced internally and with external stakeholders.
Cypro has strengthened our information security in a professional and methodical way and prepared us for future requirements. We see the cooperation as long-term and value-creating.