A comprehensive cybersecurity program that is regularly managed and maintained is key for protection. Simply installing firewalls and antivirus software does not guarantee that critical company assets are safe from criminals if the firewall is not maintained properly and the antivirus software is never updated with approved patches. There must also be policies and procedures, proper employee security training, and regularly updated operating system patches, to name a few. The “it won’t happen to me” mentality is no longer a valid defense.
Since cyberattacks are no longer a matter of if but when, companies in the food and beverage industry must plan for remediation if they fall prey to hackers, even if it means hiring additional specialized staff to help counter these attacks. It’s important to have a plan in place before an attack occurs, rather than afterwards. If companies neglect cybersecurity best practices, they risk legal issues, fines, and damage to their brand. They can lose customers, money, and future business opportunities. Because most food and beverage companies use the same IT systems across their stores and franchises, it’s easy for criminals to duplicate attacks and cause extensive damage in a matter of minutes. And thieves are sure to make off with a lot of loot due to the high transaction volume of the food and beverage industry—which also contributes to its appeal to hackers.
Cybersecurity best practices should incorporate a security assessment to establish any security gaps and determine any risks to safe and reliable day-to-day business operations. Reviewing current policies and procedures on cybersecurity and comparing them to government, industry, or corporate requirements can help point out any security shortcomings, and determining how to protect critical assets from vulnerabilities and risks is key to adequately securing data. Most importantly, managing and maintaining a security program will allow food and beverage companies to adapt as new threats surface and as new technology emerges.
The National Institute of Standards and Technology (NIST) Cybersecurity Framework, released earlier this year, offers guidance for businesses looking to bolster their current security programs as well as for businesses that are starting cybersecurity programs from scratch. The Framework is a best practice approach to security risk management, offering a common language that can be used across all industries—even the food and beverage industry. The NIST Framework is made up of three parts: the Core, the Profile, and the Implementation Tiers. The Framework Core includes a template of activities and outcomes that organizations can use with existing best practices, suggesting ways to identify, protect against, detect, respond to, and recover from cyberattacks. The Framework Profile helps organizations align their cybersecurity activities with their business requirements, risk tolerances, and resources by mapping out where they are currently with their security programs and where they want to be, which helps identify security gaps. Last, the Framework Implementation Tiers help organizations rate their security readiness based on four levels of maturity: Partial, Risk Informed, Repeatable, and Adaptive. Although the Framework was initially designed for critical infrastructure industries, it is readily applicable to any company, regardless of its size, industry, or country. The primary focus is on risk management through the implementation of the Tiers, helping organizations gauge their progress. The Framework offers a continuous improvement process, which is critical since these types of threats evolve as quickly as technology improves.
While many organizations have different approaches, they all have a common element—to establish a best practice approach to cybersecurity. Some basic practices include:
- Identifying and categorizing assets,
- Establishing a plan to eliminate significant vulnerabilities,
- Developing systems to identify and prevent potential attacks,
- Identifying, containing, and fighting back against known attacks,
- Applying and maintaining the latest operating system and application patches,
- Using current antivirus definitions,
- Updating authorized application software,
- Enabling network antivirus software,
- Not using a USB stick unless it’s been scanned and confirmed that it is free of problems,
- Hardening servers and workstations,
- Changing default admin passwords,
- Controlling user rights,
- Implementing backup and restoration,
- Taking inventory of network assets,
- Using physical network isolation when possible,
- Using logical network segmentation (secure zones) when possible with strict firewall rules,
- Enabling firewall logging,
- Using Network Management Systems,
- Not clicking links or files that aren’t verified, and
- Creating an incident response plan before an incident occurs.
Security researchers have predicted 2014 would see an increased number of these breaches and attacks, and so far, they’ve been right. There has been a 21 percent increase in incidents according to the Identity Theft Resource Center—and that’s only reported attacks. The World Economic Forum’s annual report ranked cyberattacks in the top five global risks in terms of likelihood. And research from Arbor Networks states “the number of DDoS (distributed denial-of-service) events topping 20 Gbps (Gigabits per second) in the first half of 2014 are double that of 2013.” Among the largest breaches this year are several food and beverage companies. In addition, security experts are now saying hackers aren’t the biggest threat anymore. Simple mistakes and poor security best practices are quickly becoming just as dangerous.