4% affected, 60% unprepared: time for cyber resilience in the food sector
#cybersecurity #resilience #crisismanagement |
|
Beverage manufacturer Ordal did what many food companies wouldn’t dare to do: they subjected themselves to an ethical hack across the whole of Flanders.* Were the hackers successful? Or what is the state of cyber security in the food industry? Our colleague Barbara shared her insights as cybersecurity expert in the food industry on the Streamz programme Hacked. Some striking figures:
Food companies are therefore an attractive target, 60% of which do not have a Cyber Incident Response Plan. Moreover, warfare today takes place largely online. How can you better equip your company and deal with a cyber incident in a more resilient manner? Here are a few insights and tips to help you further strengthen your cyber resilience. *You can watch the episode of Hacked on Streamz (in Dutch). |
Our tips:
Tip #1: Build a security culture
For many companies, cyber security is something that seems far removed from their daily reality. In recent years, there have been a number of hacking incidents in the food industry, which has led to a growing shift in the perception of the risk.
Creating a culture doesn’t happen overnight. A security culture is very broad: ranging from an awareness of digital risk to the same mindset when it comes to physical security.
- You don’t share a password online, just as you wouldn’t lend out your badge at the gate.
- You think twice before clicking on a link, just as you do before inserting a USB stick into your computer.
Many companies have developed procedures, provide training and, where necessary, a test. However, we see many grey areas and ambiguities in procedures. Moreover, the training courses are usually not geared towards behavioural change. So it is high time to change this!
Tip #2: Make cyber security a living part of your business
- Share industry incidents with your staff
- Share experiences with industry peers. For example, join the learning networks run by Flanders' Food or the Cyber Security Coalition
- Regularly test employees with fake phishing emails
- Test whether the crisis team is ready to respond to a cyber incident with a cyber security tabletop exercise
- Use the free tools from the Cyber Security Coalition or the Centre for Cyber Security Belgium to raise awareness
Test in the spotlight: Intrusion test
How vigilant are your staff?
Ready to test your food defence awareness? During an intrusion test, we’ll try to gain access to your production facilities, raw materials, offices and even computers.
We’ll also be on the lookout for data breaches: sensitive information, unsecured PCs. Furthermore, we’ll aim to raise awareness about the use of external USB drives.
Service in the spotlight: Table top cyber security
How does your crisis team rate?
During this exercise, we will simulate a cyberattack. We will not take your IT systems offline, but will test the crisis team’s organisation, approach and crisis communication. You will receive a comprehensive report.
Learning points
Make sure you don’t become the poster boy for the crisis
Some crises affect an entire sector. How do you avoid becoming the face of the crisis? How do you coordinate strategic actions? Who takes the lead on crisis communication? Here ...
What to do in the event of a shitstorm?
Has anyone targeted you (online)? Are you dealing with a (verbally) aggressive individual who is attempting to discredit you through various channels? Below, we share a few t...
Change communication: without strategy, no support
A major restructuring at an international food company caused turmoil in the workplace. Hundreds of jobs were at risk, which deeply affected the employees. Barely a month later,...