Tag Archives: cybercrime

Josh Smart

Tips to Stay Profitable in 2024

By Josh Smart
No Comments
Josh Smart

Staying profitable in 2024 could be a challenge for the agribusiness and food/beverage industries due to increases in insurance, labor and farm input costs. The labor shortage will also continue to be a factor. Proactively addressing risks and shoring up the right insurance coverage can help organizations address these challenges. Here’s how:

Offer Personalized Benefits

The labor shortage in the U.S. will continue in 2024 across the food, beverage and agriculture industry. Many organizations are struggling to hire new employees and maintain necessary staffing levels, which is impacting their ability to keep operations running smoothly.

The answer for many has been to harness automation, but this solution is not a cure-all. Some organizations have gone back to using traditional labor to address automation issues and reduce product defects, costs and issues with lower overall production.

Creative benefits solutions are one way to address the industry’s labor gap. Businesses that offer personalized benefits informed by data analytics are more likely to see better results in employee recruitment and retention. Personalized benefits programs are designed to provide quality employee experiences to attract workers and increase employee loyalty. These benefits can help improve employee safety, well-being and health while enhancing retention and hiring efforts.

Re-evaluate Insurance Coverage

Catastrophic weather events, high interest rates, increased insurance premiums and input costs, along with the lack of available labor will continue to impact businesses across the industry.

Interest rates, weather-related events and input costs are difficult to combat since organizations cannot control those factors. However, those that take on more risk and harness alternative risk transfer vehicles should be able to lower insurance costs and address lack of coverage to better protect profit margins.

Options to consider include:

  • Modifying limits, deductibles and retentions in existing policies
  • Carefully evaluating your business interruption coverages to ensure they meet your continuity objectives
  • Analyzing your layered insurance program for avoidable costs
  • Looking into captives or self-funded programs

Emerging risk transfer solutions can help the food and agribusiness sectors stay resilient. For example, parametric insurance policies are designed to compensate organizations after a qualified weather event, whether or not the insured actually sustains damage.

Mitigate Risks

There is an array of risks to contend with in the food industry, including product recalls, work safety, supply chain woes, manufacturing plant maintenance, cybercrime and, of course, weather-related risks. Taking a thoughtful approach to implementing risk management practices can help those in the food, beverage and agribusiness mitigate these challenges in 2024.

For example, to better develop business continuity and risk management plans, agribusinesses should undergo catastrophe modeling to simulate the impacts of possible catastrophic events that could occur in one’s geographic area. Factoring in the types of weather-related events by region to better determine how to address them also can help. Consider organizations impacted by drought: Establishing improved resource management plans can curb the impact of this type of weather event. For facilities and employees in geographic areas prone to wildfires, implementing improved safety measures can protect both.

For those in food production, contamination-related recalls and product withdrawal events are an ever-present threat. Take the issue of allergens in food, for example. Organizations that implement strong product oversight measures that include periodic audits can reduce the threat of recalls.

With the increased dependence on technology to improve production, particularly in the food and beverage industries, combating the threat of cybercrime has become particularly important. Training and educating employees on cyber threats can make them more aware of this potential crime and help to better maintain a safe work environment. In addition, implementing protective measures such as multi-factor authentication and endpoint detection and response systems can reduce the risk of cyberattacks.

The issues that the food, beverage and agriculture industries must contend with in 2024 do not differ greatly from what they’ve been dealing with the past three years. But those organizations that implement better risk management practices, analyze their insurance coverage and look at alternative risk transfer vehicles to reduce costs and improve employee well-being with enhanced benefits can remain profitable going forward.

Cybersecurity

Maintaining Data Security in Plant Operations

By Matthew Taylor, Tony Giles
No Comments
Cybersecurity

When it comes to cybersecurity, the food industry is facing more threats and risks than ever before, which is creating increased vulnerability in plant operations and the rest of the supply chain. Cyberattacks are focusing more and more on critical infrastructure, putting the food industry squarely in the crosshairs of cybercriminals.

Studies have shown that cybercriminals can penetrate 93% of company networks. One of the most serious threats is food tampering, with malware turning food itself into a weapon of terror. Cybercriminals can hack into food processing, transportation, and storage systems to spoil food and cause food poisoning and food shortages.

Ramping up protection costs both time and money, but making a preemptive investment in information security can save significant costs, considering that the median cost of a cyberattack increased from $10,000 to $18,000 in 2022, costing 40% of attack victims $25,000 or more.

Employees: Your First Line of Defense

The first and most crucial step in cybersecurity is employee training. When it comes to information breaches, two segments of a company can be impacted: the business and the operations. Impacts on the business could include leaking confidential client information, formulations, and recipes, among other data, while operations could include sensitive employee information.

As a company’s first line of defense, employees need to understand how important and integral their role is in data security. Phishing and malware are among the most popular forms of cyberattacks. By preying on individual employees, successful hackers can shut down production lines, reroute deliveries, and delay shipments.

Person using a computer
Phishing tests can be used to gauge employee skills in “real-life” scenarios and encourage vigilance.

Tools such as phishing tests can help gauge employee skills in “real-life” scenarios and help companies identify weaknesses across the organization. Employees who consistently fail phishing tests can be provided with additional training. Tests can also be coordinated on a recurring, random basis to keep employees alert and vigilant.

Food companies, especially those with plant operations, should also focus on physical security. Hackers will sometimes try their hand at breaching physical locations by “tailgating,” following an employee into a secured building without a badge. This type of attack incurs risks to data stored within the location and the products being manufactured. Just as with phishing simulations, it is important to educate employees about the risks of physical breaches, with reminders on how to prevent tailgating, lock computers, and safely store sensitive information.

Creating a Cybersecurity Toolkit

Building a strong culture of information security starts from the top down. Senior management must prioritize cybersecurity for employees to care about and understand its importance. Security professionals can work with senior leaders to identify the organization’s security starting point. If management makes information security a priority, that mentality trickles down to the entire organization.

This mentality can be communicated in training, team meetings, emails, and office posters. Some companies incentivize employees by providing free lunch or a day off for passing cybersecurity training and simulated tests.

Businesses can ramp up data security by implementing controls across the organization. Passwords should require a combination of upper and lowercase letters, numbers, and special characters, as well as frequent updating. In combination with strong passwords, multi-factor authentication (MFA) can secure data even further. This extra layer of protection can stop a hacker who has breached the system from advancing to further applications.

Companies should also evaluate their software and hardware to determine if upgrades are needed. Legacy infrastructure can hamper an organization’s efforts to increase cybersecurity, as it often cannot be updated to meet current security needs. Patching assets is another area where companies can focus their efforts; unpatched assets are a popular way for hackers to breach systems.

When Incidents Do Occur

It is best practice to have a contingency plan in place for worst-case scenarios, such as a data breach or malware that shuts down operations. An incident response plan can be created with specific details included, such as whom to contact depending on the scenario, what systems must be shut down to reduce the reach of the incident, and what tools should be used to contact employees and stakeholders. By putting an incident response plan in place, operators can minimize the potential damage to systems and data. Employees should be trained on the plan. This help to increase response speed and minimize panic and confusion during real-life situations. Incident response plans should be updated at least annually.

Seek Third-Party Support

From providing security training to setting up off-site servers, there are numerous third parties that can help businesses to improve and strengthen their information security efforts. NSF-ISR’s basic security assessment and ISO 27001 certification provide a security framework to help businesses better manage their data and information. ISO 27001 is a globally recognized certification that defines requirements for creating and maintaining a cybersecurity management system and provides a comprehensive set of controls.

No matter what mode of action businesses take first to strengthen their information security, it is most important to simply get started. Operations are only going to become more digital, so when it comes to areas within the food industry where safety, the supply chain and confidential information can be impacted, cybersecurity is imperative.