Leading consumer goods companies in the cybersecurity theme

The future of the consumer industry will be shaped by a range of disruptive themes, with cybersecurity being an important theme that will have a meaningful impact throughout the industry.

Cybersecurity is the body of technologies, processes, and practices designed to protect networks, computers, programmes, and electronic data from attack, damage, or unauthorised access. The pandemic has accelerated the digitalisation of business operations which means that consumer goods companies are storing more and more consumer data. Failure to protect this data can cause severe reputational damage and incur serious fines if a company has failed to comply with the EU’s General Data Protection Regulation (GDPR).

Additionally, a successful cyberattack can bring a consumer goods company to its knees. Ransomware can force companies to halt production by crippling information technology (IT) and operational technology (OT) infrastructures and disrupting supply chains. Therefore, it is more important than ever that consumer goods companies invest in robust cybersecurity networks. 

However, not all companies are equal when it comes to their capabilities and investments in the key themes that matter most to their industry. Understanding how companies are positioned and ranked in the most important themes can be a key leading indicator of their future earnings potential and relative competitive position.   

According to GlobalData’s thematic research report Cybersecurity in Consumer Goods, leading adopters of cybersecurity infrastructures include: Nestlé, PepsiCo, P&G, Unilever, and Johnson & Johnson.

Nestlé   

Nestlé is one of the consumer goods companies investing the most in its cybersecurity. Nestlé has posted more cybersecurity-related jobs since July 2019 than any other consumer goods company, except pharma companies Johnson & Johnson, Sanofi, and GlaxoSmithKline.  

In 2020, Nestlé used Microsoft Azure’s DevOps and machine learning to create Phishscreener, an AI programme that detects phishing emails more quickly and accurately than Nestlé’s previous detection system.  

Nestlé is also a client of Auvesy, a company that specializes in version control and data management services for industrial control systems (ICS). Auvesy’s data management system enables Nestlé to track all changes made to the assets in its factory in Mainz, Germany. This enables Nestlé to identify unauthorised changes and restore devices to approved settings after a cyberattack.

P&G   

P&G has suffered direct cyberattacks and third-party breaches in the last three years. In October 2019, a researcher at Sanguine Security discovered that Magecart, a cybercrime group, had placed malware in P&G’s first aid beauty website, forcing the website to be taken down in May 2021.  

These experiences have prompted a noticeable shift in P&G’s assessment of cybersecurity’s importance. For instance, mentions of cybersecurity in P&G’s company filings roughly tripled in 2020, no doubt partly because of the cyberattack in late 2019.  

P&G also posted more cybersecurity-related jobs in 2021 compared to 2020. The number of cybersecurity-related jobs posted by P&G in the first five months of 2022 amounted to 80% of the total jobs posted in 2021.