JBS Foods — one of the world’s largest suppliers of meat including beef, mutton and pork — recently suffered a ransomware attack that impacted the company’s processing facilities in Australia and multiple plants in the United States.
This attack occurred only a few weeks after a similar ransomware attack on Colonial Pipeline which paralyzed fuel distribution to thousands of fueling stations across the Southeastern United States. These incidents have exposed the vulnerability of our most critical infrastructures, this time impacting the food supply chain.
Cyber attackers are well-organized, advanced and aggressively targeting large, established critical infrastructure and supply chains. Businesses with a role in providing critical infrastructure capabilities must ensure their cybersecurity strategy is equally well-organized, advanced, and aggressive.
This mandate is more than a business decision. These organizations have a societal imperative to ensure they are adequately protecting their critical business functions.
Businesses engaged in providing critical services may have a higher imperative, but all organizations can benefit from implementing structured cybersecurity risk management as an integral part of their business processes.
Leadership should begin by assessing their cybersecurity risk including identifying threats and vulnerabilities, analyzing the probability of attack and the impacts if they are attacked and establishing cybersecurity priorities based on this information. These priorities will drive cybersecurity risk management planning to control, resolve and monitor their risks with resiliency in mind. Cybersecurity risk management is no different than business risk management in this regard.
No organization can defend itself against every possible attack, but by making cybersecurity a business priority rather than relegated to an IT function, business leaders can prepare their organizations to react faster, respond better and recover more effectively.