Cyberattacks can force supply chains to shut down and cause significant losses for businesses. CTO and co-founder of BitSight Stephen Boyer looks at what companies need to do to better protect themselves. This article first appeared in the July 2021 issue of Food and Drink Business.
In the aftermath of ransomware attacks against Australia’s largest meat supplier JBS, and brewer Lion, it has become clear just how critical the issue of sound cybersecurity is.
Australian organisations are facing heightened cyberattacks, with cybercriminals specifically targeting agricultural supply chains. This growing trend and recent string of high-profile cyberattacks on food businesses should serve as a wakeup call for the industry. It’s clear that the status quo of cybersecurity practices simply isn’t working.
Regulatory requirements on cybersecurity have been relatively minimal for companies in the industrial food and beverage industry. Unfortunately this leads to underinvestment in security compared to other sectors.
The food production industry lags behind other industries when it comes to cybersecurity performance; BitSight data shows that, compared to other sectors, food production security performance significantly trails sectors like insurance or finance, making individual organisations more exposed to attacks. In fact, when rating organisations’ security performance on a scale of 250 to 900 (900 being the best), 70 per cent of food companies fall below a 750 rating.
The existential threat to food and beverage businesses cannot be overstated. It’s critical that businesses act quickly to re-evaluate their security performance management to prevent the food and beverage industry becoming the epicentre of cyber catastrophe.
This growing trend and recent string of high-profile cyberattacks on food businesses should serve as a wakeup call for the industry. It’s clear that the status quo of cybersecurity practices simply isn’t working.
Understand the risks
The growing risk of cyber compromise requires a stronger, more consistent, comprehensive approach. Measuring and maintaining security performance over time across the entire ecosystem is critical to defending against the next cyberattack. But your own security performance isn’t all you need to worry about – it’s your partners, suppliers, and any third-party member of your networks.
Cybercriminals are able to find and attack the least secure business in the supply and use that foothold to gradually compromise their partners. Having tools that provide deep insight into the risks and security performance of every member of your supply chain is critical. Business leaders can use this data to make informed decisions about which businesses they choose to business with, how they transact, and ultimately how to defend the business.
Identify vulnerability
Whenever there’s a flurry of major cyber events, business leaders often unintentionally slip into a swirl of whack-a-mole, stuck in a reactive mode of patching vulnerabilities as they pop up. They focus on responding to the latest threat individually, when instead, taking a step back to create and execute a broader security performance management strategy is much more beneficial.
Recent analysis shows the faster an organisation patches and addresses new vulnerabilities, the less likely it is to be hit by a successful ransomware attack.
Cybercriminals are adept at rapidly leveraging new vulnerabilities and exploiting them against organisations that aren’t patching fast enough. For example, when news of the hack against Microsoft Exchange servers broke, cybercriminals were scanning for at-risk companies within five minutes.
BitSight data shows that 40 per cent of food production companies face an increased risk of a ransomware incident due to poor patching practices.
Patching strategy
Patching is an important element of cybersecurity performance, but taking a whack-a-mole approach isn’t affordable, or effective. Instead, businesses should take a step back to look at the full picture.
Does the business have a deep understanding of where its current vulnerabilities lie?
Where is the business getting information on which vulnerabilities to prioritise?
How quickly and regularly does the business patch?
Is the business leveraging tools to identify where it is at risk due to its partners?
These questions can help shape a robust and sustainable patching strategy to proactively defend the business.
Sound security performance management over time creates cyber-resilient businesses, and is the key to the food industry beefing up its cybersecurity capabilities.
Stephen Boyer is co-founder and CTO at BitSight, cybersecurity risk ratings specialists. Prior to BitSight, he co-foundered Saperix (acquired by Firemon), a company spun out of the MIT Lincoln Laboratory focused on vulnerability and network topology risk analysis. At MIT he led R&D programs solving large-scale national cybersecurity problems.