Skip navigation
Get in touch
Home / Cases / Global Paper and Pulp Manufacturer

Scaling NIS2 Compliance Across Global OT Landscapes

Cybersecurity Sevendos
Sevendos_DACH_case_paper and pulp

Background

A global paper and pulp manufacturer operating across Finland, Germany, and multiple international locations faced a major regulatory challenge: achieving compliance with the EU NIS2 Directive across its Operational Technology (OT) environments.

The organization operates a two-digit number of industrial sites with varying infrastructure, technologies, vendors, and system ages. Ensuring consistent cybersecurity controls across such a diverse and business-critical production landscape was a complex undertaking.

At the same time, production environments had to remain fully operational. Any security improvements needed to be carefully implemented without disrupting manufacturing processes.

Due to limited in-house OT security expertise and the scale of the compliance effort, the company required external specialists capable of mobilizing quickly and leading the initiative end-to-end.

Project Support by Sevendos

Sevendos assembled and deployed a dedicated OT security team consisting of:

  • A Technical OT Security Project Manager
  • Two Senior OT Security Experts / Architects

The team began with a comprehensive assessment of NIS2 control requirements and mapped them against the customer’s current security posture across sites.

The scope of work included:

  • NIS2 requirements analysis
  • Current-state assessment across global sites
  • Detailed gap analysis
  • Definition of required remediation measures
  • Site-by-site implementation planning and execution
    On-site security improvements, including work at German production facilities

Sevendos not only defined the roadmap to compliance but also drove execution across multiple industrial environments.

Technical Approach

The engagement focused on strengthening OT security controls within complex industrial network environments.

Given the diversity of technologies — including legacy systems and multi-vendor industrial network devices — the team tailored security improvements to each site’s unique constraints while aligning them with NIS2 standards.

A structured, phased rollout ensured that production continuity was maintained throughout the transformation. Security controls were enhanced without interrupting operational processes.

Focus area:

OT Security & NIS2 Compliance

Environment:

Industrial networks, OT infrastructure, multi-vendor network devices

Scope:

Global multi-site production environments

Core Activities:

Security assessments, gap analysis, control implementation, compliance alignment

Sevendos_DACH_case_paper and pulp

Results

The project established a clear and measurable path toward NIS2 compliance across the organization’s global OT landscape.

Key outcomes included:

  • Achieved alignment with NIS2 regulatory requirements
  • Clear visibility into the security posture of each site
  • Defined measurement mechanisms for ongoing security maturity
  • Significantly strengthened OT security controls
  • Reduced risk of security breaches and minimized potential impact

Beyond compliance, the organization now operates with a substantially higher level of OT security resilience.

Following the initial transformation phase, the collaboration continued with one Sevendos expert remaining in an OT Security Assurance role to ensure sustained progress and long-term governance.



Get in touch

Britta_Schröder

Britta Schröder, Sales Director, Cybersecurity

Contact