The impact of cybersecurity on the consumer goods sector

The matrix below details the areas of cybersecurity in which consumer goods companies should focus their time and resources. We suggest consumer goods companies should invest in technologies shaded green, explore the prospect of investing in technologies shaded yellow, and ignore technologies shaded red.

Almost every layer of the consumer goods value chain will rely on employees using company devices that are internet and network-connected to communicate, create content, and operate or oversee machinery. Consequently, device access needs to be controlled by identity management.  

Network security, endpoint security, threat detection and response, email security, and unified threat management are all needed to achieve adequate visibility over what is being communicated within and between IT, OT, and IoT networks. They will pre-emptively filter out any malicious content directed toward these networks and prevent unauthorized persons from gaining access to the network.  

Cloud security and data security are needed to ensure that stored data is sufficiently protected from thieves and other malicious players. Application security is needed to prevent applications used by employees from becoming points of vulnerability. Vulnerability management and risk and compliance services are needed to provide internal and third-party perspectives on points of cybersecurity weakness and areas for improvement. Finally, post-breach response services are essential because, eventually, every company will suffer a breach. Post-breach response services will prove invaluable in these moments.  

The cybersecurity value chain layers that should be explored are chip-based security and managed security services. Investing in chip-based security entails purchasing and installing the newest IT and OT hardware that uses cybersecure chips. However, completely retrofitting departments with the latest hardware would cause significant disruption to business operations.   

This is especially true for the manufacturing and distribution and logistics layers, which are comprised of both IT and OT assets. Managed security services are certainly a valuable investment. However, outsourcing security management is ultimately an operational choice. Internal teams can manage a company’s cybersecurity.  

Email communication does not always feature in the payment process. However, verification emails are sometimes integral. Therefore, consumer goods companies should explore the importance of email security in the payment process.  

Cybersecurity becomes key in an environment where consumers have less disposable income and consumer goods companies need to maintain cost efficiency and profitability, due to higher inflation.  

Cybersecurity measures that protect consumer information and increase brand loyalty and consumer trust are key to maintaining customer relationships. But more significant for inflation is the importance of cybersecurity in safeguarding consumer goods supply chains, infrastructure, and operations systems. If these processes are disrupted this will result in further increased costs to the consumer, which will damage retailers’ competitive pricing.  

Cybersecurity plays a vital role in a company’s social and governance performance. Firstly, GlobalData’s ESG Framework identifies human rights as a crucial social factor, and data breaches, if they include personal data, violate people’s right to privacy. Secondly, GlobalData’s ESG Framework organizes governance factors into four distinct areas, one of which is risk management.  

Now more than ever, cybersecurity is a crucial aspect of corporate risk management. Cybersecurity breaches threaten profitability because they can cause lasting damage to digital and physical infrastructures and can badly tarnish a company’s reputation. Cybersecurity breaches also threaten employee and customer privacy. As such, a company without robust cybersecurity protocols cannot be considered a strong ESG performer and is therefore not safe from scrutiny and consumer backlash.   

Furthermore, the growing importance of ESG in the consumer goods sector is accelerating the adoption of digital technologies. For example, blockchain is now being used throughout consumer goods supply chains to ensure that where, when, and how consumer goods are produced is visible and traceable. In this way, auditors can scrutinize, for instance, whether a product was produced ethically or whether a product was made with sustainable raw materials. Integrating blockchain into supply chains expands the attack surface threat actors can exploit. Using blockchain requires specialist hardware integrated into production lines, expanding the OT attack surface. Blockchains themselves can also be hacked.  

With consumer tastes constantly evolving, the consumer sector must adapt quickly to maintain demand. Generational shifts mean companies must navigate evolving digital lifestyles. As consumer companies increasingly digitize the importance and amount of cybersecurity grows simultaneously.   

Cybersecurity plays a significant role in helping consumer brands protect customer engagement and fit into digital lifestyles. Cybersecurity will provide consumers with more information about what they are buying while also ensuring secure personalized marketing to specific buyers.  

According to a PWC report, 65% of people are more influenced by customer experience than traditional advertising, and according to Forbes, 74% of customers are more likely to purchase goods purely due to the customer experience. This means that any technology that can improve customer engagement and create immersive and memorable experiences will likely see an increase in demand for their products. For this reason, many consumer companies will see cybersecurity as a vital investment to safeguard the introduction of new technologies.