Nordzucker AG – NIS2 Compliance in Just One Week with SECJUR

About the Company

Nordzucker AG is one of the world’s leading sugar producers. The company produces sugar from beet and cane and generated annual revenues of €2.8 billion in the 2024/25 financial year, employing around 4,100 people worldwide across Europe and Australia.

Nordzucker is guided by four core values that shape its actions and collaboration within the company: responsibility, commitment, courage, and appreciation. These values form the foundation for economic success and close cooperation with growers and customers.

From the very beginning, Nordzucker AG has been actively involved in the development and maintenance of the B3S standard for the food industry. As a result, the company is regarded as a pioneer in information security and cybersecurity within critical infrastructures (KRITIS).

The Challenge

While the KRITIS-affected sites of Nordzucker AG already have established information security management systems (ISMS) in place, implementing the new NIS2 requirements for plants in eight European countries posed a significant challenge. Some locations do not exceed the KRITIS thresholds yet are still subject to the NIS2 Directive.

The complexity of ensuring NIS2 compliance in parallel with existing KRITIS requirements across multiple countries—without creating redundant structures or duplicating effort—made one thing clear: an efficient, scalable, and integrated approach was needed. Nordzucker’s primary objective was to establish NIS2 structures quickly and in a resource-efficient manner, without having to invest the same level of effort required to maintain KRITIS compliance.

The IT managers therefore sought a solution that:• enables a structured and centralized implementation of NIS2 requirements across all affected countries,• minimizes effort and resource requirements compared to existing KRITIS systems,• provides the necessary expertise to efficiently implement NIS2 requirements and monitor compliance, without having to build extensive additional in-house expertise.

The Solution

Due to the complexity of the requirements, Nordzucker decided to work with SECJUR and use the SECJUR platform, the Digital Compliance Office (DCO), to implement NIS2 compliance. In close cooperation with SECJUR’s information security experts, Nordzucker AG was able to upload its existing B3S policies into the DCO and link them to the NIS2 requirements. The key advantage: by mapping these policies to the NIS2 requirements within the DCO, compliance can be tracked more easily and efficiently. Missing or incomplete policies were also created or expanded directly within the DCO to ensure that all relevant requirements were fully covered. The platform enabled the centralized management of all required documents and processes while simultaneously monitoring compliance with the NIS2 Directive.

Fast and Efficient Implementation of NIS2 Compliance

With SECJUR’s support, Nordzucker was able to achieve NIS2 compliance in Germany within just one week. This rapid implementation provided the foundation for a straightforward and efficient rollout of the updated ISMS to the other seven affected European countries.

The Impact

Together with SECJUR, Nordzucker AG achieved:
Rapid adoption of NIS2 requirements within days: The existing management system was adapted to meet NIS2 requirements in less than one week.
Minimized effort: By integrating NIS2 requirements into existing structures, redundant work was avoided.
Centralized governance: The SECJUR platform enabled unified management and centralized control across all international sites.
Future readiness: Nordzucker is now optimally positioned to fully implement the NIS2 Directive and its national transpositions while continuing to meet existing KRITIS obligations.

By efficiently integrating NIS2 requirements into its existing ISMS, Nordzucker AG not only strengthens its position as a leading company in the international sugar industry but also reinforces its pioneering role in information security. As one of the first companies to successfully integrate both regulatory frameworks—NIS2 and KRITIS—Nordzucker AG is exceptionally well prepared for future information security requirements.

+49 40/80 90 81 146
info@secjur.com
Imprint
Privacy Policy
General Terms and Conditions
InfoSec Policy
Visit us on linkedin
Products
Compliance Platform
Data Privacy
Information Security
Whistleblowing
Anti-Money-Laundering
AI Management
Regulation
DORA
NIS2
GDPR
EU AI Act
Whistleblower Act
Anti-Money-Laundering
Certification
ISO 27001
ISO 9001
TISAX®
SOC 2
ISO 27017
ISO 27018
Industry solutions
Startups
Scaleups
Mid Market Companies
Software and IT-Consulting
Financial Services
Energy
Food & Beverages
Healthcare
Industry and Manufacturing
Logistics
Aerospace and Defense
SECJUR
For Partners
Customer Success Stories
About SECJUR
Integrations
Careers
Blog
Downloads
Language
Deutsch
English

© 2025 SECJUR. All Rights reserved.