Welcome to the new Schneider Electric Community

It's your place to connect with experts and peers, get continuous support, and share knowledge.

  • Explore the new navigation for even easier access to your community.
  • Bookmark and use our new, easy-to-remember address (community.se.com).
  • Get ready for more content and an improved experience.

Contact SchneiderCommunity.Support@se.com if you have any questions.

Invite a Co-worker
Send a co-worker an invite to the Exchange portal.Just enter their email address and we’ll connect them to register. After joining, they will belong to the same company.
Send Invite Cancel

Why Cybersecurity Matters in Food & Beverage?

Solutions for your Business Forum

No matter if your business is in the retail sector, food manufacturing, or healthcare, you'll find resources and a community of experts to discuss with on content tailored to your industry sector. Subscribe today.

Lieutenant Lieutenant

Why Cybersecurity Matters in Food & Beverage?

May 2017, the world faced one of the most serious cyber-attacks. The Ransomware Wannacry put at risk 200,000 companies spread over 150 countries. Immediately after, every company, including those in Food & Beverage, started to assess their vulnerabilities and stance regarding their cybersecurity policy. June 2017, another ransomware, Petya, infected more than 2,000 companies. For the first time, two major Food & Beverage companies announced publicly they have been attacked.


“Because cyber-attacks on Food and Agriculture sector offer little financial gain and likely pose only minimal economic disruption, the sector does not perceive itself as a target of such an attack”, as stated in the publication  Food and Agriculture Sector - Specific Plan (2015). So, what is at stake for the Food & Beverage industry and why should cybersecurity matter for F&B companies?




Cost of Cyber-attacks

In June 27, an international F&B company published that it was impacted by the attack. A few days later, a Press Release announced the consequences of the attack: a disruption in their ability to ship and invoice during the last days of their second quarter, and a first estimate on revenue impact. Furthermore, as stated in Kaspersky Labs Security Bulletin 2016, the longer it takes to detect a security breach, the higher the mitigation costs and the greater the potential damage. From US400,000 for an instant detection to more than US1.0 Billion for a detection taking over a week. It is clear that cyber-attacks may dramatically impact your business.


Food Defense Plan

With the implementation of a Food Defence Plan as part of a Food Safety Management standard, a Threat (or Vulnerability) Assessment Critical Control Point (TACCP) is recommended (Food Safety Modernization Act Final Rule for Mitigation Strategies to Protect Food Against Intentional Adulteration). Furthermore, in Europe, the PAS96:2014 Guide to Protecting & Defending Food & Drink from Deliberate Attack states that “No Process can guarantee that Food & Food Supply are not the target of Criminal Activity”. “Cybercrime” is clearly listed as a potential threat to be addressed.


Industrial Control Systems 

Cybersecurity is also a critical topic for automation architectures such as HMIs (Human Machine Interfaces) and SCADA (Supervisory Control And Data Acquisition) systems. It becomes even more important with increased connectivity, data exchange and the use of Industrial Internet of Things (IIoT). How do you make sure your process data is protected against cyber-attacks? Do your personnel have a general awareness of cybersecurity topics related to the use of such equipment? These are key challenges to answer.


Security Implementation Is a Solution, Not a Product

Security implementation is a combination of many items. It is about understanding the system, the threats and the risks. It involves people, policies, architectures and products. Of course, it is under vendor’s responsibilities to design products and solutions with security features, to ensure they enable customers to comply with security standards and to provide recommendations and methodologies to guide implementation. But the end-users need to define security procedures, to mandate responsible people and to ensure compliance with security standards.


Finally, as Industrial security is more than just IT security, a "Defense-in-Depth" approach is recommended. This approach underlines that no single item will provide security for your entire system. In conclusion, the Food & Beverage industry is also vulnerable to cyber-attacks and cyber-threats which increase in complexity. Therefore, cybersecurity policies should be assessed regularly using the evolving regulations and standards as part of your Food Defence Plan.



Want to react to this article? Add your comment at the bottom of this page





Originally posted on SE Blog


3 Replies 3
Administrator Administrator

Re: Why Cybersecurity Matters in Food & Beverage?

Here's a great article that illustrates what an attack can cost https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/

Re: Why Cybersecurity Matters in Food & Beverage?

As business owners, keeping up with emerging trends in cyber security is imperative. According to WeSecureApp, data breaches among businesses doubled in frequency during the past year. To prevent this, you must equip your organization with the right tools and latest insights.


Re: Why Cybersecurity Matters in Food & Beverage?

Thanx for sharing blog the blog. I got very informative content on hotel related to Cyber Security. I will follow you for more blog..