Ensuring continuity at Koninklijke Oosterberg
Koninklijke Oosterberg chose mnemonic as its cybersecurity partner two and a half years ago and shares insights about the collaboration.
Koninklijke Oosterberg (Royal Oosterberg) is an electrical wholesale company with over 20 branches across the Netherlands. The family business has been in operation for 135 years, supplying various businesses, including major construction companies, installers, freelancers, and hospitals. Customers order products today and require them the next day for their work. Most orders are therefore processed via e-commerce. Efficient IT operations are crucial for the company. This was the reason they partnered with mnemonic to secure the organisation and keep malicious actors at bay. We spoke to Reint Cornegoor and Felix Bouwman of Koninklijke Oosterberg about their search for a security partner, why they chose mnemonic, and how the collaboration is progressing.
A reliable security partner
“IT is vital for us,” says Felix Bouwman, IT Manager at Koninklijke Oosterberg. “For our customers, it is essential to receive their products quickly; otherwise, they cannot continue with their work. This means a lot of electronic traffic for us. Seventy percent of all orders are processed digitally or via the web shop. Order picking takes place until midnight, and the drivers set out early the next morning. Naturally, the web shop operates around the clock. We also have numerous APIs for customer systems. Everything depends on IT, which must be operational 24/7. If our systems were to go down unexpectedly – due to a ransomware attack, for example – we would face significant problems and immediately lose revenue. We now have a small IT team. We work hard, but it is not enough to monitor security around the clock. Therefore, we sought a reliable cybersecurity partner to support us in meeting this challenge and ensuring the continuity of our business.”
The wish list
Several years ago, the company conducted a security assessment, which resulted in a roadmap with future recommendations. This helped convince the management team of the urgency to act. “Once the management was convinced, we could start the search,” says Reint Cornegoor, IT Project Manager at Koninklijke Oosterberg. “We were looking for a provider of Security Information and Event Management (SIEM)/Security Operations Centre (SOC) services, a company who could analyse log sources, monitor network traffic, provide Endpoint Detection and Response (EDR), and handle incident response. In summary, we needed Managed Detection and Response (MDR). Beyond this technical wish list, we primarily sought a partner with whom we could work comfortably, someone who communicates clearly, is accessible and dedicated. Personal contact and flexibility are our core values, so we were looking for a partner who shared them. We eventually found this in mnemonic.”
A clear story
Bouwman explains the decision-making process: “We spoke to several companies and requested proposals. mnemonic had the most straightforward story. We occasionally felt that some providers exploit the fear of cyberattacks for profit. We did not get that impression from mnemonic. They genuinely want to help. They have been specialising in cybersecurity for 25 years, and it is their core business. They also have a low turnover rate, which helps safeguard knowledge and continuity. Additionally, there were many excellent references, which was very important to us.”
Cornegoor adds, “Another advantage was that mnemonic provided clear guidance on prioritisation. We had extensive requirements, but not everything needed to be implemented simultaneously. mnemonic advised us on where to start and how to expand. Everything fell into place, making it very manageable. They could clearly explain how all elements fit together, both at a high level and in detailed technical terms. All in all, this gave us great confidence in their capabilities.”
A complete overview
Koninklijke Oosterberg began with the implementation of EDR, significantly reducing the risk of a ransomware attack. The company was connected to mnemonic's SOC, providing 24/7 security monitoring for its endpoints. Subsequently, network monitoring was implemented, and relevant log sources were added to the monitoring system. All data is collected in the Argus Log Cloud with a retention period of thirteen months. This provides a comprehensive overview of the entire IT environment, ensures any incidents are detected, and allows for extensive data retrieval in case of an incident.
Cornegoor explains, “All services are managed within Argus, mnemonic’s proprietary platform, which they use to manage our security. We also have access to it and see exactly the same as what mnemonic staff sees. It’s a user-friendly tool, offering a complete overview. It is reassuring to know that in addition to automated detection, real staff are also monitoring the data. Later, we also engaged mnemonic for email monitoring. This was not initially included in the scope of our request, but the collaboration was so successful that we entrusted this to them as well.”
A sense of security
“Our trust has been validated. To date, mnemonic has fulfilled everything they promised,” continues Cornegoor. “They are transparent and honest, which makes working with them a pleasure. Fortunately, there have been no major incidents – a good sign. However, we were affected by the CrowdStrike outage in the summer of 2024. Although it wasn’t an attack, it was impactful. mnemonic responded immediately, liaised with CrowdStrike, and quickly developed a workaround, enabling us to resume operations swiftly and minimise downtime. During that period, we had frequent contact with mnemonic’s technical staff and our account manager, who was highly involved, which was greatly appreciated. This proactivity is evident even during quieter times. mnemonic continuously seeks improvements and keeps a close eye on developments and trends in the cybersecurity landscape. This gives us a strong sense of security. We view mnemonic as a true cybersecurity partner and hope to continue this partnership for many years to come.”