Leading cybersecurity adopters and providers in consumer goods

Cybersecurity should be a key concern for all organisations in the consumer goods sector, but who are the companies making their mark within the cybersecurity theme? Here we look at some of the companies currently leading the way in deploying cybersecurity solutions and the specialist vendors of such solutions to the sector.

Avery Dennison, US 

In June 2023, Avery Dennison partnered with Wiz to enhance its cybersecurity as it transitioned to a multi-cloud infrastructure. Avery Dennison needed better visibility into its risk posture and required secure tools that wouldn’t slow down developers. Wiz provided a unified view of Avery Dennison’s multi-cloud environment, identifying misconfigurations and critical risks, and routing issues to development teams within their existing workflows. The partnership helps maintain customer trust and supports Avery Dennison’s digital-first strategy by securing new digital products and ensuring efficient, developer-friendly security processes. Furthermore, in September 2023, Avery Dennison partnered with Abnormal to enhance email security for its employees and network of vendors and customers. The company faced challenges with phishing attacks originating from compromised vendor accounts and sought a solution that would automate manual processes. Abnormal’s API-based approach quickly detected compromised vendors and automated phishing detection and remediation.  

Coca-Cola, US 

Coca-Cola has partnered with numerous cybersecurity providers over the years to protect business operations from malware. In 2019, network security specialist Sangfor Technologies began providing Endpoint Security solutions. Claroty also provides security solutions for Coca-Cola, specializing in industrial cybersecurity.   

Coca-Cola has been subject to several attempted cybersecurity breaches. In 2021, Coca-Cola suffered two attacks because of the company’s third-party connections. In this case, it was marketing firm Fimmick and payroll managers Kronos. In April 2023, Coca-Cola FEMSA, the largest Coca-Cola bottler, suffered a threat from TheSnake resulting in a $1.5 million ransomware payment to prevent any data leaks. Following these security breaches, Coca-Cola has continually hired for internal cybersecurity roles. In January 2024, it introduced a vulnerability disclosure partnership with Intigriti, to further identify and patch vulnerabilities.   

Heineken, Netherlands 

The former head of security at Heineken set a precedent for the importance of cybersecurity measures at the company. He introduced meticulous examinations of systems and defenses, leading to tailor-made cybersecurity strategies. Heineken UK’s cybersecurity enhancements were shaped by a comprehensive understanding of their vulnerabilities, industry benchmarks, and the broader threat landscape, ensuring they remain resilient against evolving cyber threats.  

In 2019, Heineken was part of a team alongside the Netherlands’ National Cyber Security Centre in winning an exercise that simulated a wave of cybersecurity attacks that would threaten country-wide service shutdowns. This illustrates the wealth of knowledge Heineken has to offer on cybersecurity measures.   

Heineken has a partnership with the security management firm Human Risks. The partnership aims to oversee global operations, protection workers, assets, and increasingly digital operations. In 2022, it also partnered with Microsoft to adopt security solutions and protect assets. The Azure Active Directory helps with identity protection as operations are becoming more hybrid. Clear data protection actions are available across Heineken’s operations to educate workers on data privacy and information security.   

Nestlé, Switzerland 

Nestlé has experienced several high-profile security breaches in recent years. In March 2022, the hacker group Anonymous claimed a breach in Nestlé’s systems after it did not pull operations entirely from Russia. The data breach turned out to be information accidentally leaked by a staff member earlier in the year. However, Nestlé did feel threatened enough to minimize operations in Russia even further. In April 2024, hacker group R00TK1T announced it had entered Nestlé systems.  

As a prominent target for cyber threats, Nestlé has a custom-built Azure Machine Learning system to help prevent security threats. The company also partnered with Microsoft for security solutions. Nestlé and Microsoft have created a PhishScreener tool to help uncover phishing attempts before employees have the time to click the links. It also has company-wide data protection and privacy notices and tools for employees to understand the extensive value chain at risk and ways to mitigate against potential issues.  

Smurfit Kappa, Ireland 

Smurfit Kappa Security Concepts (SKSC) specializes in high-security printing and identity management solutions, providing secure passports, biometric cards, fiscal stamps, vehicle certificates, ballot papers, and other security products. For example, SKSC’s passport service prints and supplies International Civil Aviation Organization-compliant machine-readable passports and e-passports to the Irish government. Its design team also protects the integrity of secure documents using Jura’s security design software.   

Furthermore, SKSC’s software solutions provide secure interfaces for passport enrolment, data management, production management, and chip encoding. Security Card Concepts is a digital security company that is part of SKSC and provides secure digital identity solutions and transport keys in the production of polycarbonate and PVC cards.  

Verallia, France 

Verallia’s central cybersecurity team is controlled by the company’s head of information systems security. The cybersecurity team is an international organization that provides a main support line across the company’s locations. Verallia’s IT department also has a security operation center (SOC), managed by a European partner. The firm aims to further protect its data and information systems by training employees annually about cyber threats and risks, particularly ransomware and phishing. Verallia regularly conducts attack simulations to test its cybersecurity resilience and compliance. Verallia has a cyber disaster plan that is regularly tested and backed up and has also taken out an insurance company covering cybercrime.  

Whitbread, UK 

In recent years, Whitbread has suffered several data breaches. In June 2018, the third-party provider of Whitbread’s recruitment portal was the subject of a cyberattack. The personal data of many prospective employees was accessed without authorization, leaving applicants vulnerable to identity theft.   

Since then, Whitbread has made cybersecurity a higher priority. It has a specialist cybersecurity team, dedicated to updating the company’s antivirus software, testing for vulnerabilities, and monitoring the network and systems. It also enforces mandatory information security training for its employees.  

Akamai Technologies, US 

Akamai Technologies offers cloud-based solutions for optimizing and securing online content for business applications. The range of security products and solutions encompass fraud protection, zero trust security as well as infrastructure security. Clients include Alibaba, Coca-Cola, and IKEA as well as businesses in other sectors like Japan Airlines and Lufthansa.   

The Honey Baked Ham Company uses Akamai as its cybersecurity vendor. Protection against unauthorized access and data breaches following a rise in ransomware attacks on agricultural producers was wanted. Akamai helped strengthen existing firewalls that were deemed lackluster and advised on risk and compliance issues over confidential data storage. The software-based approach and infrastructure security measures that Akamai offers allow for companywide cohesion for the security of Honey Baked Ham.  

Fortra, US 

Fortra has established a cybersecurity division that simplifies the complexities of the cybersecurity landscape by integrating complementary products to tackle challenges innovatively. These solutions are scalable and adapt to the rapidly changing cybersecurity threats organizations face.  

The division offers four main solutions: penetration testing, red teaming with advanced adversary simulation tools, offensive security measures, and identity and access management.  

Additionally, Fortra has entered the consumer market with Wi-Fi routers designed to defend against malware attacks. These routers have a core feature that detects anomalies indicating a virus in connected devices like mobile phones, computers, and household gadgets. When a threat is detected, the router isolates the affected device from the rest of the network and can update its software to shield against new threats.  

HackerOne, US 

HackerOne is a security platform powered by ethical hackers. Founded in 2012, hackers and security leaders developed a platform to report bug bounties and identify issues in company systems. Hacktivists who identify bugs in a company’s software and technology can disclose them on the platform and provide support in fixing them. As well as bug bounties, the company offers offensive testing and source code auditing. HackerOne provides solutions for AI safety, cloud security, and continuous vulnerability and testing. Notable users of its platform include the US Department of Defense, AT&T, IBM, Ford, and TikTok.   

HackerOne has worked with consumer companies including Shopify, Starbucks, and Instacart. Since 2015, HackerOne has helped Shopify identify 1875 potential vulnerabilities. The vulnerabilities are reported on the bug-bounty platform and step-by-step solutions have been offered to strengthen efforts against cyberattacks. 1752 vulnerabilities in Starbucks systems have been added to the platform and 440 identified for Instacart.   

Honeywell, US 

The well-known consumer giant partnered with the cybersecurity specialist Sparta Systems in 2020. The company worked to help consumer companies to improve their transparency and protect customer data.  

One of their key offerings was Trackwise, a quality management system software platform. This platform streamlined quality and compliance management processes by automating tasks such as complaint handling, document control, and training management. It provided businesses with a centralized solution to ensure adherence to the strictest security and compliance standards. By using a multi-layered approach, companies could prioritize their focus away from cybersecurity threats and improve operational efficiency.  

Scantrust, Switzerland 

Scantrust is a Swiss company that provides traceability for various industries, such as luxury goods, food products, industrial machines, water filters, cables, agrochemical products, and fiscal stamps. It creates QR codes that use anti-counterfeiting technology. It has been used by billions of products in over 185 different countries.  

It has partnered with HP to introduce a new solution that will use ScanTrust’s secure QR codes digitally printed on HP Indigo, enabling brands and industrial companies to track and trace goods to eliminate counterfeiting and improve supply chain traceability. Similarly, the QR codes are used by multiple vineyards like Marchesi Antinori and Baia’s Wine as anti-counterfeiting measures to secure and maintain supply chain traceability.