Preparation essential to deal with cyber attacks
(File image)

Produce companies must think the unthinkable and prepare for cyber-attacks before they happen, one consultant says.

“I think every company in every industry faces this risk,” Amy de La Lama, head of the global data privacy and cybersecurity group at law firm Bryan Cave Leighton Paisner. “I agree that the threat actors are definitely increasing in sophistication.”

The law firm helps companies develop incident response policies.
“We wouldn’t be able to tell them what happened from a technical standpoint, but work through it in terms of the incident and interpret the situation as to what legal obligations that might trigger reporting obligations, notification obligations to individuals, government reporting obligations,” she said. 

Post-incident, the firm also reviews with companies how they can be better prepared going forward.

The way that companies are compromised comes in different ways, she said, but human error often drives the incidents.
She said companies need to be prepared to face the threats relative to information security and putting in place technical controls. Firms also need to understand what information resides in their networks and what type of information might be of interest to cybercriminals, in order to prioritize security measures.

Aside from the technical measures needed, de La Lama said firms need to prepare for their incident response policies and procedures to cyberattacks.

Assuming that, at some point, companies will be subject to a security incident or a data breach, she said it is important for management to be prepared by having an incident response policy. Firms also need to have forensics providers and other providers lined up and ready to go to assess the damage from a technical standpoint.

In addition, companies need to have an overlay of training in place to make employees aware of the threat.

“So, if and when (a cyberattack) happens, you’re hopefully minimizing the impacts with technical controls and detecting it sooner, to protect your systems, and shut it down sooner than if you weren’t as prepared,” she said. 

Being prepared for incidents helps an organization save time and efficiency in a crisis, she said.

Whether or not a company will pay a ransom also is an issue that should be addressed in preparations for a cyberattack.

“You should really be thoughtful about whether or not, for your company, if there are certain circumstances where you might pay a ransom or if you’re going to draw hard lines,” she said. “Certainly, law enforcement and other experts caution against paying ransom, and there are some new Department of Treasury (regulations) — you have to be mindful of rules that where you might be making a payment to a sanctioned party.” she said.

More than deciding one way or the other, de La Lama said it is about being prepared and having a sense of what the company’s position would be and why.

“The problem with drawing a hard line in the sand about not paying ransom is that sometimes the business disruption is so significant that (companies) can’t necessarily say ‘We just can’t pay it.’”

Looking down the road, de La Lama said the federal government is seeking ways to combat cyberattacks and “level the playing field.”

Cyber insurance companies will be taking a second look at whether or not they will cover ransomware payments, and that will impact what companies can and will pay.

Today, she said ransomware payments may be relatively common, though they are not being disclosed.

“I think that a lot of times, people are just getting their business online and trying to move forward.”

One of the ways cybersecurity attacks and data breaches have evolved, she said, is that the initial concerns were on information held by companies, such as credit card or health and medical information. 

The recent well-publicized attacks have been related to infrastructure.

“A food company can’t assume that because they don’t hold a lot of consumer data, that they wouldn’t necessarily be the subject of attack,” she said. 

“We’re seeing sort of these types of attacks being directed at companies for different reasons, and it is not necessarily just for getting the information.”

Tags

Produce - General Produce Tech
 

Latest News

Industry
RaboResearch looks for delay in rate cuts
RaboResearch looks for delay in rate cuts

Concerns about inflation have shifted Rabobank’s forecast of the first Federal Reserve rate cut this year from June to September, with the number of cuts projected to decrease.

Tom Karst
Retail
Vallarta Supermarkets to reopen renovated California store
Vallarta Supermarkets to reopen renovated California store

After months of restoration, the Delano, Calif., store is set for a grand reopening May 1, featuring festivities to go along with a fresh look and enhanced shopping experience.

Aaron Gonzalez
Packer Tech
Roamer Transport improves efficiency with Lynx Fleet telematics solution
Roamer Transport improves efficiency with Lynx Fleet telematics solution

The company, which hauls fresh and frozen food, has adopted Carrier Transicold’s Lynx Fleet telematics solution across its 39-trailer fleet.

The Packer Staff
Produce Crops
Proposed rule would increase assessment rate for South Texas onions
Proposed rule would increase assessment rate for South Texas onions

A proposed rule from the USDA would implement a recommendation from the South Texas Onion Committee to increase the assessment rate by 3 cents.

The Packer Staff
Sustainability
A look at regenerative ag in the specialty crop industry
A look at regenerative ag in the specialty crop industry

Ali Cox, CEO and founder of Noble West, an agriculture marketing consultancy, shares how specialty crop growers are currently using regenerative ag, its benefits and its potential for the future.

Christina Herrick
Retail
Shuman Farms partners with Food Lion and Royal Food Service to kickoff Vidalia onion shipping
Shuman Farms partners with Food Lion and Royal Food Service to kickoff Vidalia onion shipping

Shuman Farms inaugurates the Vidalia onion season with the first shipment from Cobbtown, Ga., partnering with Food Lion and Royal Food Service for widespread distribution across the U.S. and Canada.

Aaron Gonzalez
View More