Most industry sectors have suffered cyber-security attacks in recent years with 86% of companies globally having reported at least one cyber security incident during 2017 alone. Whilst most of us are aware of the impact that these attacks have had on organisations such as the NHS, most would fail to understand what impact such an attack would have on businesses within the food sector.
Recently, both the Centre for the Protection of National Infrastructure (CPNI) in the UK and the Federal Government in the Unites States have designated the food and agriculture sector as ‘critical infrastructure’ and therefore considered likely targets for cyber-attack. At a recent conference held by the Institute of Food and Science Technology businesses in both the food and drink supply chain were urged to assess and address their risks.
During 2017, one major food brand temporarily halted production at one of its factories due to the malware infecting manufacturing equipment. Cyber-attacks not only affect production and interrupt normal food supply, but they can also result in the loss of sensitive data, intellectual property and revenues and can have a detrimental impact on brand reputation too.
Here are 5 simple steps to protect your business against common attack strategies:
1. Vigilance and awareness – people are the primary defence against many attacks. Train your staff to spot malicious emails and phishing attempts and to not engage with them. This may sound simple but malicious emails are one of the most common ways a cyber-attack begins. The National Cyber Security Centre publishes advice for avoiding this type of email https://www.ncsc.gov.uk/guidance/avoiding-phishing-attacks
2. Protect yourself against malware. Malware can provide access for attackers or may deliver ransomware that can locks up your computers until you pay a ‘ransom’ to the malware’s owners. Use a good quality anti-virus solution on all computers and keep it up to date.
3. Keep up to date on patching. All software vendors frequently release updates for their software. Make sure you apply these patches, whether they are Windows updates, your email client, office applications or your office firewall these patches fix security vulnerabilities that attackers may exploit.
4. Back up your data. In the event of a malware attack your data may not be recoverable even if you do pay the ransom. Having a working, tested system to backup and restore means you will lose minimal data if the worst should happen.
5. Password protection. Ensure that your systems are protected by strong passwords - longer passwords with characters, symbols and a mixture of capital and lower case letters are harder to guess and harder for attackers to break. Remember to always change any default passwords as these are frequently easy for an attacker to break.
Finally, you should also consider creating an incident response plan to follow in the event of a cyber-attack. This will vary depending on the type and size of your business but just considering how you respond ahead of time, will be beneficial when you’re under pressure to act.
For further advice you can you also visit the small business security guide published by the National Cyber Security Centre https://www.ncsc.gov.uk/smallbusiness and the advice published by the Centre for the Protection of National Infrastructure https://www.cpni.gov.uk/advice