How Alsendo Leveraged NIS2 to Build Strategic Security
Alsendo is technology leader in the logistics industry, operating in Poland, the Czech Republic, Romania, Lithuania, and Italy. Their innovative shipment management platform is the heart of operations for thousands of e-commerce companies, automating and optimising key processes. Dynamic expansion and strategic acquisitions have solidified their position as a key player in Central and Eastern Europe. The world of Alsendo is one of rapid growth, innovation, and complex international operations.
Industry: Logistics, E-commerce, Technology
Challenge: The company’s dynamic, international growth had outpaced its cybersecurity capabilities. There was a lack of a coherent security strategy and a plan to implement the key requirements of the NIS2 Directive, which generated significant business and operational risks, including potential management board liability
Solution: Providing support through our CISO as a Service offering. Developing and implementing a personalised Information Security Management System (ISMS) from the ground up, along with a strategic roadmap for the entire corporate group to ensure effective risk and compliance management.
Key Results: Created and implemented a unified Information Security Management System (ISMS) that harmonised standards and processes, serving as a foundation for future ISO 27001 certification.
Developed and implemented a clear cybersecurity strategy, replacing previous reactive measures.
Achieved readiness to demonstrate compliance with the NIS2 Directive in every country through a single, integrated system, rather than separate, local efforts.
Ensured continuous expert support for the coordination and analysis of security incidents as part of a robust incident management process.
The Challenge: Strategically Aligning Security with Scale and New Regulations
Alsendo’s dynamic growth created a natural need to evolve its approach to cybersecurity. The internal IT team’s efforts, while effective on an operational level, needed to be supplemented with strategic oversight and a coherent, long-term plan. This need was amplified by two key factors:
Integrating Security with Business
As the organisation grew, a holistic view of security became necessary—one that connected technology with business processes to ensure full operational stability and Business Continuity.
Aligning with the NIS2 Directive
As a critical entity, Alsendo faced the task of adapting its processes to rigorous European regulations. The key challenge was to do this consistently across all markets to avoid creating separate security systems for each subsidiary and instead build a single, centrally managed standard ready for an NIS2 audit.
An initial market analysis and collaboration with a consulting firm allowed Alsendo to precisely define its expectations. This experience showed that generic documentation was insufficient. The company needed a partner who would not only provide theory but, most importantly, help implement practical solutions, from an initial risk assessment to a full-scale implementation.
An End to Theory. Time for a Practical Partnership
Alsendo was looking for a partner who could move from theory to practice. The choice fell on Tenesys because our approach was fundamentally different from the client’s previous experiences. Instead of providing ready-made templates, we offered a collaborative partnership based on a deep understanding of their business. Alsendo needed a guide who would not only show them the way but walk it with them, creating tailor-made solutions.
The Plan to Regain Control: Four Steps to Strategic Security
In response to the chaos and uncertainty, we presented a clear and transparent action plan to restore order and build a solid security foundation:
Step 1: In-depth Analysis (Discovery): We began with a Gap Analysis and a series of workshops to understand the DNA of the Alsendo organisation, its subsidiaries, processes, and challenges.
Step 2: Building the Foundations (ISMS): We created an Information Security Management System from scratch—practical, understandable, and fully adapted to the group’s international structure.
Step 3: Setting the Direction: We developed a strategic roadmap and risk treatment plan, that transformed chaotic activities into a logical, planned implementation process.
Step 4: Continuous Support (CISO as a Service): We provided constant access to a dedicated expert, our CISO who took over the coordination of security activities, incident analysis, and strategic reporting to the board.
The Transformation: System Implementation and Tangible Benefits
Executing the plan enabled a smooth transition from reactive measures to systematic and proactive security management. The implementation of a personalised Information Security Management System (ISMS) streamlined and integrated internal processes, creating a solid foundation for achieving compliance with the NIS2 Directive. The clearly defined roadmap gave the Alsendo team a clear direction, and the continuous expert support from Tenesys strengthened their competencies and confidence in decision-making. Security became a well-managed and predictable area of the company’s operations.
Security as Business Support: The New Reality at Alsendo
For Alsendo, cybersecurity is an integral part of its business strategy. This approach, built on a solid foundation, enables the secure achievement of goals and further expansion. The company continuously improves its defence mechanisms as a natural element of its dynamic growth and commitment to business continuity.
“Collaboration with Tenesys brought a new level of quality to Alsendo’s approach to cybersecurity. Instead of generic documents, we received a system tailored to our specific needs and international structure, along with a clear action plan. We finally feel that the security domain is strategically managed, which allows us to focus on further business development.”
Krzysztof Banasiak, Chief Product and Technology Officer & Board Member w Alsendo.