Industry Manufacturing
Solution Type OT Security
Needs Identify key risks and enhance cybersecurity program while adding new equipment for Operational Technology (OT)

The BATZ plant, located in Igorre, Spain, is an automotive tier one manufacturing facility that supplies parts to original equipment manufacturers (OEMs) worldwide. Products include pedal assemblies, vehicle jacks, gear shifters and hand brakes. The company wished to invest in innovative ways to safely develop new products. BATZ invested in new manufacturing equipment that was connected to the Internet and had concerns about cybersecurity risks. If left unaddressed, these risks could impede their ability to win and retain customers.

BATZ’s manufacturing technology platform had been designed and maintained by a third party. They engaged TUV Rheinland to perform an independent operational technology (OT) and IT cybersecurity risk assessment at their plant. This assessment was based on the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity ( NIST Cybersecurity Framework ).

Over several weeks, TUV Rheinland worked on site at the plant with the BATZ team, followed by several weeks of analysis offsite, to compile a comprehensive report. In order to gain deeper insights, the TÜV Rheinland team conducted an intensive workshop with BATZ employees – including IT and OT security teams, plant engineering, academic researchers, and support staff.

At the end of the day
Our assessment provided a common taxonomy and mechanism for BATZ to do the following:

  • Describe their current cybersecurity posture
  • Describe their target state for cybersecurity
  • Identify and prioritize opportunities for improvement within the context of a continuous and repeatable process
  • Assess progress toward the target state
  • Communicate among internal and external stakeholders about cybersecurity risk

  • BATZ in Industry 4.0 depends heavily on a high level of safety and cybersecurity in OT. By working together with TUV Rheinland OpenSky, BATZ was able to quickly identify key risks; and the top risks were immediately triaged and prioritized. TUV Rheinland developed a plan to address all risks over a span of 18 months. BATZ is poised to prioritize its budget toward most-critical risks. They are also in position to enhance their overall cybersecurity program. Moreover, the organization can now transition to a converged security model so that logical and physical risks can be handled by one dedicated team.

    Our cybersecurity solution provided value in a cost-effective, efficient manner. BATZ management has peace of mind that the systems used in the facility have been assessed for risk, and appropriate security controls are in effect.

  • Company Profile:

    The BATZ Group is a world-class supplier of products and services for the automotive, aerospace, and energy industries. BATZ is part of the Mondragon Corporation and has 16 facilities around the world, and the largest cooperative industrial group worldwide. The corporation employs nearly 75,000 people globally across four domains – finance, industry, retail and knowledge. With activities in renewable and sustainable energies, and aerospace markets, their focus is to aid the development of the socio-economic environment and develop long-term partnerships. Over the years, BATZ has earned the reputation as a premier industrial group with a world-wide presence.

    Before you leave…
    want to sign up for our newsletter?