Skip to main contentSkip to footer
Get in touch with our experts
Data Privacy

CyberSecurityReimagined

Ricola candy box surrounded by a variety of herbs

Ricola

Our Customer

Ricola Group AG, a traditional Swiss family business, has been known for its high-quality herbal candies and tea specialties since 1930. Headquartered in Laufen, the company exports its products, which are manufactured exclusively in Switzerland, to over 45 countries. Ricola produces around 9 billion candies annually and employs over 600 people worldwide. Sustainably grown herbs from over 100 contract farmers in the Alpine regions ensure quality. With the acquisition of a production plant in Lenzburg, Switzerland, in 2024, the company is strengthening its capacities and remaining a pioneer in quality, sustainability, and innovation.

43,000

candies per minute

90%

export ratio

1,500 tons

fresh herbs per year

13

different herbs in all products

>60 varieties

of herbal candies

TheSituation

Towards a modern security architecture

Ricola faced the significant task of fundamentally modernizing the security architecture of its Security Operations Center (SOC). The previous SOC service no longer met the technological requirements of the herbal candy specialist. Functions such as automatic blocking of compromised user accounts, isolation of affected devices, and activation of security scans were sought. These measures were to be available around the clock in the future. In addition to operational security, Ricola was also looking for a strategic partner to support the company in developing a sustainable and holistic cyber security strategy. The goal was and is to make security measures more efficient, automated, and comprehensive.

Pink-colored Ricola candy boxes in a row on the production line

TheSolution

Customized, automated security with MDR Pro

After an intensive evaluation phase, Deutsche Telekom was chosen for its impressive modular service concept. This comprises five core functions – known as MDR domains – and can be individually adapted to Ricola's needs. In addition, Deutsche Telekom offers flexible add-on modules such as breach containment, incident response, threat intelligence, and threat hunting, which can be activated depending on security requirements and budget. This modular architecture enables a future-proof and scalable security solution.

A central element of the solution is the “act immediately” approach. This allows security measures such as account suspensions or device isolations to be carried out automatically and without manual approval. If necessary, these measures can also be reversed automatically, ensuring a fast and efficient response to threats. The technical basis of the solution combines Ricola's existing systems, such as the EDR solution and firewalls, with Deutsche Telekom technologies such as SOAR (Security Orchestration, Automation, and Response) and a specially developed customer portal. Standardized API interfaces ensure seamless integration and communication between the systems.

The security platform includes a wide range of powerful tools, including SOAR for automating security processes, SIEM Light for network monitoring, sandboxing tools, and a solution for vulnerability scanning. This is complemented by a threat intelligence platform that integrates both open source and commercial solutions. Deutsche Telekom's security customer portal also offers comprehensive functions for managing tickets, tasks, and documentation.

Alpine herbs being harvested

"With MDR Pro from Deutsche Telekom, we have a comprehensive, automated, and scalable security solution that is fully integrated into our existing systems."

Fabian Sterchi, Head of IT Infrastructure at Ricola

TheResult

Transparency, integration, and future-proofing

With Deutsche Telekom's MDR Pro solution now in place, key areas such as endpoints, identities, and network traffic are specifically secured to ensure comprehensive protection. The automated security processes are not only efficient, but also enable a significant reduction in response times.

The central customer portal offers Ricola full transparency and control over all security processes, tickets, and measures. If necessary, automated processes can be specifically reversed. The technological integration of the MDR Pro solution into the existing infrastructure was seamless and did not involve high conversion costs. In addition, the architecture of the solution is scalable and future-proof. This means that Ricola can easily upgrade as demand grows, for example in the area of OT security (operational technology security) for production. Another advantage is the reduction in workload for the internal IT department thanks to close cooperation with T-Security and 24/7 support. This allows the team to focus on strategic tasks.

As a result, the implemented solution offers Ricola an efficient, transparent, and sustainable security strategy that is perfectly aligned with both the company's requirements and the increasing demands in the area of cyber security in the long term.

Truck with Ricola logo in front of their company building

get in touchwith our experts

We are ready to develop custom-designed, end-to-end connectivity and communications solutions that will help your business. Find out how we can support and grow your business today.