Digitalization & cyber security

Management approach

Material topic: Digitalization & cyber security

Importance for Lenzing

  • More and increasingly sophisticated external attacks, much greater complexity of networked ecosystems and rising regulatory demands are calling for utmost care in cyber security
  • Information security and data protection are imperative to protect business, customer, partner and employee data as well as intellectual property (know-how)
  • Harvesting the benefits of digital technologies to maintain Lenzing’s technological advantage


  • Increased trust of employees, customers and partners through responsible data handling
  • Optimization of business processes, saving time, energy and reducing raw material usage
  • Digitalization helps to anticipate the needs of customers and improves the customer experience
  • Increased transparency and traceability of supply chains and thus supply chain security
  • More flexible digital working environments to retain talent, attract future talent and allow for a new way of working


  • Successful cyber-attacks could stall business processes or even impact operation
  • Potential disclosure of information could incur high regulatory penalties or claims
  • Potential compliance issues could reduce Lenzing’s credibility in the values it champions

Guiding principles

  • Data Protection & Information Security by design & default
  • Protective measures appropriate to the related risks
  • Applicable legal regulations and a set of internal policies/directives/guidelines

Due diligence processes and (ongoing) measures

  • Continuous improvement of Lenzing’s security measures
  • Alignment of cyber security measures to business needs
  • Maintaining appropriate technical and organizational measures
  • Further development and management of the information security & data protection management system
  • Regular information security assessments, audits and trainings
  • Regular internal/external penetration testing
  • Regular risk assessments with enterprise risk management and cyber insurances
  • Running information security due diligence programs on third parties
  • Notification mailbox to report anything suspicious, such as fraudulent emails
  • Continuously monitor applicability of the technical organizational measures (TOMs)


  • Ensure appropriate level of protection for the Lenzing Group and its connected partners
  • Manage information security and data protection risks
  • Build and maintain a security-conscious culture
  • Value-adding use of data, digital technologies and IT infrastructure
  • Generate competitive advantages via the use of digital technologies

Achievements/activities in the reporting year

  • Cyber-attacks have been averted successfully, e.g. via the rapid mitigation of several zero-day incidents
  • Continuous improvement – existing safety measures were challenged with involvement of the public NIST Cyber Security Framework
  • Launch of “Next Generation Level of Protection” program
  • Completion of several penetration tests including corrections via Service Improvement Plans (SIP)
  • Further digitalization with company seals used for E-Branding Service, invoice signing and approval workflows
  • All board members & directors worldwide (90+) were provided with qualified electronic signatures for eSign-off
  • Launch of a Digital Innovation Function to capitalize on digital technologies
  • Extension of fiber identification technology to TENCEL™ branded lyocell and modal fibers
  • Launch of fiber identification system for VEOCEL™ Lyocell fibers


  • VP Global IT
  • Chief Information Security Officer
  • Senior Director Digital Innovation


  • Security Operators within IT
  • Local coordinators

Topics filter

Results for

    • No filters selected
    • No results