Building on the Cegeka Security Advisory Framework (CSAF), and supported by our CISO Office and Modern SOC, we help Ardo continuously strengthen its security posture and remain resilient against evolving cyber threats.
Nearly 1 million tons of frozen food produced annually
Exports to 100+ countries
16 sites across 7 countries
Ardo was founded in the 1960s as a family farm in Ardooie. Over the years, it has grown into a global sustainability champion in plant-based frozen food. With over 3,300 employees operating across 16 sites in 7 countries and generating annual revenue of €1.4 billion, the board’s focus on IT security has significantly increased.
No Lock-in
When Ardo’s Chief Information Security Officer (CISO) found a new opportunity outside the company, it became a challenge to quickly find a replacement capable of guiding Ardo through its NIS2 implementation. Jeroen Deckers, group IT infrastructure manager at Ardo, recalls the urgency: “To comply with NIS2 requirements, we needed to find an external CISO, so we contacted several firms, including Cegeka.” Ardo chose Cegeka’s CISO Office for its rapid onboarding capabilities and the Cegeka Security Advisory Framework (CSAF), which facilitates continuous improvement in cyber resilience. “As we were already working with Cegeka for the service desk and other IT services, we knew we could count on them,” Deckers added.
For Ardo, maintaining independence and avoiding lock-in was crucial, as Deckers explains: “We agreed that Cegeka’s CISO Office would help us shape our security strategy without requiring us to replace all our security tools. We wanted to address security gaps immediately rather than spend a year migrating tools, and this approach was implemented from the start.”
Security Roadmap
Cegeka used CSAF to evaluate Ardo’s security maturity. The assessment revealed that while Ardo had already made significant progress, further improvements were needed to strengthen resilience. “While our security policies were lacking, we performed well in backup and recovery,” Deckers observes. This initial assessment immediately led to several quick wins.
Next, Cegeka helped Ardo create a security roadmap for the next three years. “Having a security roadmap was new for us, as security had not previously been part of the infrastructure team,” Deckers notes. “As part of this three-year roadmap, Cegeka’s CISO for Ardo started drafting and revising security policies, as well as supporting us in implementing email and web browser protection. We also included the migration from Windows 10 to Windows 11 in the roadmap.” Together with Cegeka, Ardo also established a structured patching plan. “Our previous plan was quite vague; now it has a defined scope and timeline,” Deckers clarifies.
One of the CISO’s immediate tasks was putting NIS2 back on Ardo’s agenda. “As a result, we introduced quarterly security reports to the board and the audit committee, with contributions from Cegeka. At the board level, this improved security awareness, secured additional budget and resources, and increased support for security initiatives.”
"At the board level, the quarterly security reports improved security awareness, secured additional budget and resources, and increased support for security initiatives."
- Jeroen Deckers, group IT infrastructure manager at Ardo
Standardization
Meanwhile, Ardo conducted a thorough review of its security tooling and identified a fragmented, complex environment made up of various tools from different vendors. The company wanted to explore a new direction to simplify this landscape. As Deckers explains: “We were aiming for greater standardization across our organization, reduced operational complexity, and a unified dashboard for managing our security tools.”
Following this analysis, Ardo decided to standardize on the Microsoft XDR stack. This shift in the security landscape also changed Ardo’s requirements for a Managed Detection and Response provider. After a careful comparison, Ardo decided to move away from its existing SOC provider and partner with Cegeka’s Modern SOC. As Deckers explains: “Not only had we developed a positive working relationship with the CISO, but Cegeka also had extensive Microsoft expertise. This was demonstrated during the swift migration process. We were even able to ingest logs from our previous legacy environment into Microsoft Sentinel.”
Ardo’s new XDR and SIEM capabilities were integrated into Cegeka’s Modern SOC, ensuring 24/7 monitoring and rapid incident response. “Knowing that threats are monitored around the clock and incidents are addressed immediately gives us peace of mind,” Deckers remarks. “The incidents detected by the SOC, and the new insights it provides to our internal security engineers, drive continuous improvements that strengthen our security maturity.”
Because Cegeka’s Modern SOC service portfolio is modular, Ardo can gradually add new capabilities under the 24/7 supervision of Cegeka’s SOC team. This year, Ardo will also add Network Detection and Response capabilities, further expanding its visibility and protection across the environment.
Mainstay for Management
Cegeka and Ardo hold weekly meetings at both strategic and technical levels. “During strategic meetings, we discuss the development of our security policies and the progress of our roadmap,” Deckers explains. “Technical meetings involve our security engineers collaborating with Cegeka’s technical team to review incidents from the previous week and assess the progress of our patching plan.” Monthly meetings focus on the Modern SOC service: all incidents are reviewed and the threat hunts carried out by Cegeka’s SOC analysts are explained. “For implementation projects, we often meet weekly, ensuring rapid progress.”
CSAF assessments are repeated regularly, giving Ardo a consistent view of its evolving security posture. According to Deckers, CSAF is vital for Ardo’s management team: “CSAF provides a mainstay for management at Ardo to understand our current IT security posture, future direction, and the progress we are making.”
"CSAF provides a mainstay for management at Ardo to understand our current IT security posture, future direction, and the progress we are making."
- Jeroen Deckers, group IT infrastructure manager at Ardo
Deckers is positive about the way the partnership has developed: “Cegeka not only gets the job done, but also challenges us and collaborates with us to find solutions.” He particularly appreciates the human aspect of the partnership: “Cegeka always finds the right people for the right roles. This was clear even from our meetings: we were always joined by a small, technically proficient team without unnecessary overhead.”
Together with the CISO, Ardo has recently included additional security tools for its OT infrastructure in the roadmap, not only for PLCs (Programmable Logic Controllers) and HMIs (Human-Machine Interfaces) in factories, but also for environmental sensors in office buildings. “This initiative aims to provide us with the same visibility into our OT infrastructure as we currently have for our IT infrastructure,” Deckers concludes.