The future of the consumer industry will be shaped by a range of disruptive themes, with cybersecurity being an important theme that will have a meaningful impact throughout the industry. A detailed analysis of the theme, insights into the leading companies, and their thematic and valuation scorecards are included in GlobalData’s thematic research report,Cybersecurity in Consumer Goods – Thematic Research. Buy the report here.
Cybersecurity is the body of technologies, processes, and practices designed to protect networks, computers, programmes, and electronic data from attack, damage, or unauthorised access. The pandemic has accelerated the digitalisation of business operations which means that consumer goods companies are storing more and more consumer data. Failure to protect this data can cause severe reputational damage and incur serious fines if a company has failed to comply with the EU’s General Data Protection Regulation (GDPR).
Additionally, a successful cyberattack can bring a consumer goods company to its knees. Ransomware can force companies to halt production by crippling information technology (IT) and operational technology (OT) infrastructures and disrupting supply chains. Therefore, it is more important than ever that consumer goods companies invest in robust cybersecurity networks.
However, not all companies are equal when it comes to their capabilities and investments in the key themes that matter most to their industry. Understanding how companies are positioned and ranked in the most important themes can be a key leading indicator of their future earnings potential and relative competitive position.
According to GlobalData’s thematic research report Cybersecurity in Consumer Goods, leading adopters of cybersecurity infrastructures include: Nestlé, PepsiCo, P&G, Unilever, and Johnson & Johnson.
Insights from top ranked companies
Nestlé is one of the consumer goods companies investing the most in its cybersecurity. Nestlé has posted more cybersecurity-related jobs since July 2019 than any other consumer goods company, except pharma companies Johnson & Johnson, Sanofi, and GlaxoSmithKline. In 2020, Nestlé used Microsoft Azure’s DevOps and machine learning to create Phishscreener, an AI programme that detects phishing emails more quickly and accurately than Nestlé’s previous detection system. Nestlé is also a client of Auvesy, a company that specializes in version control and data management services for industrial control systems (ICS). Auvesy’s data management system enables Nestlé to track all changes made to the assets in its factory in Mainz, Germany. This enables Nestlé to identify unauthorized changes and restore devices to approved settings after a cyberattack.
P&G has suffered direct cyberattacks and third-party breaches in the last three years. In October 2019, a researcher at Sanguine Security discovered that Magecart, a cybercrime group, had placed malware in P&G’s first aid beauty website, forcing the website to be taken down in May 2021.
These experiences have prompted a noticeable shift in P&G’s assessment of cybersecurity’s importance. For instance, mentions of cybersecurity in P&G’s company filings roughly tripled in 2020, no doubt partly because of the cyberattack in late 2019. P&G also posted more cybersecurity-related jobs in 2021 compared to 2020. The number of cybersecurity-related jobs posted by P&G in the first five months of 2022 amounted to 80% of the total jobs posted in 2021.
To further understand the key themes and technologies disrupting the consumer industry, access GlobalData’s latest thematic research report on Cybersecurity in Consumer Goods.
Frequently asked questions
1. Why are Consumer Goods companies investing in cybersecurity?
Consumer Goods companies are investing in cybersecurity due to the increasing reliance on information technology (IT) and operational technology (OT) systems that are connected to both the internet and the corporate network, which increases the attack surface available to threat actors. Additionally, the pandemic has accelerated the digitalization of business operations and has normalized remote working and ecommerce, which means Consumer Goods companies are storing more and more consumer data. Failure to protect this data can cause severe reputational damage and incur serious fines if a company has failed to comply with the EUs General Data Protection Regulation (GDPR).
2. How do cyberattacks impact the Consumer Goods industry?
Cyberattacks can bring a Consumer Goods company to its knees. Ransomware can force companies to halt production by crippling IT and OT infrastructures and disrupting supply chains. The combined costs of stopping production, restoring or replacing compromised equipment, and, in some cases, paying the hackers their ransom can be enormous. Cyberattacks can also result in the loss of sensitive consumer data, which can cause severe reputational damage and incur serious fines if a company has failed to comply with data protection regulations.
3. Which Consumer Goods companies are leaders in cybersecurity adoption?
Leading Consumer Goods companies in cybersecurity adoption include Nestlé, PepsiCo, P&G, Unilever, Johnson & Johnson.
4. Who are the leading vendors of cybersecurity to the Consumer Goods industry?
Leading vendors of cybersecurity to the Consumer Goods industry include Dragos, Sangfor Technologies, Nozomi Networks, Claroty, Armis Security, Mandiant, and CyCognito.
5. How does increased investment in cybersecurity benefit Consumer Goods companies?
Increased investment in cybersecurity can benefit Consumer Goods companies by protecting their IT and OT systems from cyberattacks, reducing the risk of data breaches and reputational damage, and ensuring compliance with data protection regulations. It can also help companies to maintain the trust of their customers and partners, and to safeguard their supply chains.
6. What are the challenges with adoption of cybersecurity in Consumer Goods?
The challenges with adoption of cybersecurity in Consumer Goods include the ongoing transformation of the sector, which has led to the digitalization of business operations with IoT sensors, artificial intelligence (AI), cloud computing, and robotics. Simultaneously, ecommerce sales of Consumer Goods have grown, with Consumer Goods companies creating ecommerce sites or distributing through online retailers. The COVID-19 pandemic accelerated the switch to online channels as companies and consumers adapted, manufacturing and purchasing products and services in ways that complied with social distancing restrictions. This has broadened the attack surface and increased the potential rewards for threat actors.
7. What is the projected market size of cybersecurity in Consumer Goods?
Global security revenues are headed for strong growth in the first half of the 2020s. The strongest growth will be in software, which GlobalData predicts will record a CAGR of 13% between 2020 and 2025. Over the same period, hardware revenues will increase at a CAGR of 10%. Services will record the smallest CAGR, 5%.
8. Who are the leading specialist cybersecurity vendors in Consumer Goods?
Leading specialist cybersecurity vendors in Consumer Goods include Dragos, Sangfor Technologies, Nozomi Networks, Claroty, Armis Security, Mandiant, and CyCognito.
9. What are the components of the cybersecurity value chain?
The components of the cybersecurity value chain include hardware, software, and services such as unified threat management, vulnerability management, application security, managed security services, and risk and compliance.