The criticality of CPG

A guide for consumer packaged goods CISOs in the face of increased security threats to the supply chain

Toilet paper. Disinfectant wipes. Ketchup packets. Grape Nuts. Pet food. Baby formula. At various points throughout the pandemic, consumer reaction to shortages of consumer-packaged goods (CPG) such as these has ranged from annoyance to deep inconvenience to true hardship. It’s clear that, during the past two and half years, CPG companies have in many ways become part of the critical infrastructure. 

“Consumer packaged goods have become an integral part of protecting the health and safety of the country, which means that real care has to be taken to protect the supply chain from cyber-attacks and other disruptions,” said Andrew Stanley, Chief Information Security Officer (CISO) & VP Global Digital Operations, Mars, Incorporated, one of the world’s leading CPG companies. “Regardless of what kind of nutrition is in question, CPG companies maintain hygiene, nutrition, hydration, pet health and safety, and first aid. These are not luxuries or indulgences; they are real, baseline needs.”

As it became clear that CPG shortages could cause consumers significant stress, the sector has become more of a target for cyber-criminals, many of whom seek to disrupt daily life. In the past, CISOs at CPG companies were focused on defensive measures to ward off or respond to potential hacking. Today, given how integral cybersecurity is to protecting companies’ most popular brands, the role of the CISO and cybersecurity team has shifted to be much more integrally bound to the business. 

Explore our white paper that covers the top three threats on CPG CISO’s minds and how these threats can be countered.

Contact us

Mitushi Pitti

Mitushi Pitti

Managing Director, Cyber Security Services, KPMG US

+1 212-954-6102
Kristy Hornland

Kristy Hornland

Manager Advisory, Cyber Security Services, KPMG US

+1 425-281-5251