Cyber crime in food industry
Cyber crime is everywhere these days, also in the food industry. This was evidenced by last year’s worldwide Petya attack, which caused considerable damage to certain food products. But what exactly are the biggest cyber risks in the food industry? And how can food companies protect themselves against these? Vanbreda experts Ronny Kamermans and Gerrit Mets are happy to explain it to you.
In many ways, the risks from cyber crime are no different than the safety risks that food companies mitigate every day. The same practices used to identify and address food-processing risks, such as foreign materials and pathogens, can apply to protecting data essential for processing. These practices call for evaluating the threats, assessing the likelihood of occurrences, and establishing programs for mitigation.
44eeAssessing the likelihood of attack in each category requires identifying malicious actors and how each might benefit from an attack.As a firm, you can mitigate the threat of cyber risks by taking the necessary preventive measures, such as increasing awareness among staff and the heightened security of your IT infrastructure. “But despite the many investments and efforts, every firm still faces a residual risk. Together, we can assess this for you so that we can provide coverage with the right cyber policy.
Cyber risk 1: business interruption after hacking:
Today, IT is an integral part of the structure of virtually every company. A hacking of this infrastructure, causing the entire firm to come to a standstill, is every business manager’s nightmare. Gerrit Mets, Vanbreda cyber expert: “The IT infrastructure that controls the production chains in the food industry is especially vulnerable to cyber crime.
This is because it has been designed for the purpose of continuity rather than focusing on security. Yet today, the control and maintenance of machines is still often carried out online by the suppliers of these machines. This results in external links being created between the production line(s) of food companies and the Internet and because of the absence of sufficient security mechanisms, it makes these firms extremely vulnerable.”
Solution within the cyber policy: the financial damage that a firm suffers as a result of a business interruption caused by hacking is insured. With this policy, you have access to IT, PR and legal experts who can help you get the crisis under control as quickly as possible.
Cyber risk 2: theft of sensitive images:
Today, any firm can fall victim to the theft of images (from, for example, a camera or webcam) and the unwanted distribution of these images on the Internet and social media. Gerrit Mets: “The food industry, and especially the meat sector, is closely monitored by public opinion and can ill afford bad press.”
Solution within the cyber policy: the PR costs made for the recovery of the company reputation after a data breach has occurred due to misuse of the existing infrastructure (for example, a webcam of the slaughterhouse) are covered by the cyber policy.
Cyber risk 3: heavy fines as a result of GDPR legislation:
The new European legislation (GDPR) imposes guidelines on firms concerning the management and processing of personal data. This legislation requires firms to be even more cautious and to handle this data with due diligence. Gerrit Mets: “Firms that violate the new European legislation risk fines of up to EUR 20 million or 4% of the company turnover. These fines form a new risk for executives. In case of a data breach, the GDPR also requires the notification of all those affected. The costs of such a notification campaign could really run high.”
Solution within the cyber policy: the administrative fines are covered by the cyber policy, as are the costs made in informing the victims of a data breach about the loss of their personal data.
Low Threat of Theft
The threat of theft is low. Unlike personal private data contained in financial or HR systems, manufacturing data has low value.
While theft risks are low, others are much higher. Data corruption or loss could result in significant financial impact. An inability to show a HACCP check could result in millions of dollars lost in product recall or disposal. These financial risks make this data a target for criminal hijackers who can encrypt data and hold it hostage for a ransom. This is known as a “ransomware” attack and is a growing cyber security threat.
Once risks are assessed, a data security program can be established with practices similar to those that ensure safe, quality products. Data security professionals will call for familiar actions like:
maintaining zones of security to prevent threat migration
protecting and monitoring critical control points and
conducting regular tests of risk points and the general environment.
Implementing Deep Security
Done independently, implementing deep security can be a considerable expense, requiring expertise, hardware, training, and continuous diligence.
One surprising cost-effective method for protecting data is transitioning from an on-premises system to a cloud-based Food Quality Management system. This approach may seem counterintuitive on the surface; however, cloud-based data companies are the most well-equipped to protect data. Cloud-based companies are hyper-focused on data security because their business’ health depends it. Cloud-based companies have resources such as security experts, backups, redundancy, testing, monitoring, and other practices that are cost-prohibitive for individual companies.
In many ways, the risks from cyber threats are no different than the safety risks that food companies mitigate every day.
The security risks to food data fall into a few categories: theft, public exposure, data corruption or loss, and data manipulation or falsification. Assessing the likelihood of attack in each category requires identifying malicious actors and how each might benefit from an attack. Is the actor a foreign agent, cybercriminal, disgruntled employee, a competitive spy, or extremist food activist? How would a bad actor benefit from stealing, exposing, manipulating, or corrupting data?
Highest Selling Technical Courses of Indian Cyber Security Solutions:
Cybersecurity services that can protect your company:
Other Location for Online Courses: