Food and drink industry top target for cyber attacks


4 April 2014

Précis In recent years businesses worldwide have seen a sharp rise in the number of cyber attacks. With significant advancements in technology in the food and drink sector, these businesses in particular are increasingly at risk.

What? Recent and rapid developments in technology are revolutionising the food and drink sector, such that the application of technology is now fundamental to the success or failure of businesses. However, with these technological advancements come the increased risk of fraud and cyber attacks.

The 2013 Global Security report by Trustwave, indicated that 24% of all data breaches occurred in the food and beverage industry which, along with the retail sector, continues to be the top target for cyber attacks. Standardization of computer systems is common across these sectors and, in the event that a security deficiency exists within a specific system, it can easily be duplicated across the entire network, leaving these industries more susceptible to attacks.

There have been a number of recent large scale cyber attacks on businesses. In the US, supermarket Target was subject to an attack over the Thanksgiving season. Hackers stole data from up to 40 million credit and debit cards of shoppers over the busy holiday period. More recently White Lodging, a company that manages various Hilton, Marriott and Radisson hotels, reported that a cyber attack had occurred in the restaurants and bars of 14 of its locations across America, exposing the credit and debit card details of customers.

So what? Whilst technological advances in the sector are key to the continued success of businesses, it is necessary to ensure that the risks these advancements pose are managed effectively.

In terms of preventative measures, businesses can increase staffing levels on those checking data and detecting attacks, and spend on improving IT capabilities and encrypting data. Rockwell Automation, which has launched an initiative to help protect manufacturers and their systems against the threat of cyber attacks, highlights the importance of a secure network infrastructure in allowing companies to deploy contemporary technologies such as mobility and cloud computing, while still performing critical automation functions.

However, it is also important to plan for the fallout of an attack as inevitably most businesses will at one time or another, and on varying scales, be subject to a cyber attack.

A cyber attack can lead to a number of issues within the sector. There are of course legal issues to consider such as data protection breaches and associated fines; and fraud issues depending upon how the stolen data has or will be used. There are also IT considerations in how to strengthen your systems against a future attack, and ultimately there are PR issues for a company’s brand. Businesses should have an urgent response team in place to cover all of these areas and ensure that reporting obligations are fully complied with.

Cyber security should be at the forefront of every company’s mind to ensure that their infrastructure and processes protect the data held, and that in the unfortunate event of an attack they are sufficiently prepared to manage the outcomes.

Mary Kelly
Senior Associate
marykelly@eversheds.com

Adam Collinson
Adam Collinson, Partner
e: AdamCollinson@eversheds.com
t: +44 113 200 4234
m: +44 776 876 0431