Crippling cyber attacks on Marks & Spencer and Co-op have left the food and beverage industry scrambling to strengthen security systems and prevent further incidents.
Three weeks on and both retailers continue to battle supply chain and website issues, leaving shelves empty and online shopping suspended.
But while these events have been catastrophic they certainly weren’t unexpected.
Security experts have repeatedly warned of the dangers posed to the industry by hackers, with Richard Werran of BSI saying, “cyber attackers have moved on from trying to attack banks and car manufacturers, they’re attacking the food sector because it‘s such a weak sector.”
Despite this, the mounting threat has not been taken seriously with food and beverage companies continuing to prioritise other issues.
“The opinion seems to be, ‘we could spend these millions on security and something bad might not happen, alternatively we could spend the same millions somewhere else in the organisation and something good is going to happen’,” said David Mudd of BSI while speaking in March.
Unfortunately “something bad” did happen and both industry and government are now belatedly shifting focus towards security.
“What we have seen over the past couple of weeks should serve as a wake-up call for businesses and organisations,” said Cabinet minister Pat McFadden during a government-organised meeting to discuss cyber security. “Cybersecurity is not a luxury but an absolute necessity.”
Is F&B finally taking cyber security seriously?
The attacks on Marks & Spencer and Co-op have led to a 320% spike in interest in ‘cyber security support’ according to business advisor Bionic.
What‘s more, Google searches for the term ‘cyber attack’ have surged by 588% over the past month, showing the level of industry and public interest.
And experts are responding to concerns by issuing advice and support to companies as they attempt to shore-up their security systems.
“To reduce the risk of an attack, it‘s essential to invest in preventative measures such as regular software updates, installing firewalls and anti-virus applications and ensuring there’s available cybersecurity training for employees,” says Laura Court-Jones, of business advisor, Bionic.
Hackers will target anyone they can and small businesses are often easy prey due to weaker security systems, adds Court-Jones. Though the attacks on Marks & Spencer and Co-op show larger organisations are equally vulnerable.
And it‘s not just about companies protecting themselves and their customers, they also need to make certain insurance companies will insure them.
“The cyber insurance market has been taking a keen interest in attacks against the retail sector,” says Holly Waszak, head of cyber claims UK at insurance broking and risk management firm Marsh. Adding that insurers are “monitoring developments closely”.
It could be that, in the future, food and beverage suppliers, manufacturers and retailers must illustrate a minimum level of cybersecurity in order to be approved by an insurer.
