When it comes to cybersecurity, history writes that no industry is exempt. Even pet food suppliers need to keep up, lest they find themselves in a cat-astrophic kibble crisis.
For instance, in 2017, the UK experienced a cat food shortage due to a cyberattack on Royal Canin, a major supplier owned by candy manufacturer Mars.
The ransomware attack halted production by crippling computers running Microsoft Windows, highlighting the critical importance of cybersecurity in the pet food industry—a lesson well noted by major US-based Midwestern Pet Foods.
The hundred-year-old company operates four manufacturing facilities, manages eight remote locations, and distributes its products to over 70 countries worldwide.
And with Larry Lawrence, the company’s IT director, emphasising that within his role: “If it plugs into the network or connects to the internet, it falls under my responsibility,” the urgent need for a robust and autonomous cybersecurity arose.
“Patch management was the first and foremost headache that I had,” Lawrence describes to TI at this year’s Qualys Security Conference. “It was a manual patching environment, and we were always falling behind and unable to keep our systems up to date.”
In fact, he adds, the IT team were required to physically access more than 90% of the machines on site to keep them secure and so the team evaluated three patch management solutions – looking for ease-of-use and customer service. Eventually they settled on Qualys solutions.
While Midwesteren does deploy other cyber security tools within its stack, Lawrence declined to name them, “since bad actors love to know what you’re running to look for vulnerabilities.”
The tools the firm used from Qualys include the cyber security vendor’s cloud-based Patch Management solution which claims to automate the identification and deployment of software patches across an organisation’s IT landscape.
This tool integrates with Qualys; own Cloud Platform with the aim of providing visibility into both on-premises and cloud environments. With features like automated patch detection, customisable policies, and real-time compliance reporting, it claims to prioritise the most critical vulnerabilities using threat intelligence.
Automating these processes, the vendor claims, not only streamlines patching but also enhances security by reducing the organisation’s exposure to attacks.
The setup involved deploying Qualys virtual scanners and backend infrastructure to enable simplified system management. According to Lawrence, the integration process was straightforward, in part because the firm has been using the vendor’s products since 2018.
It’s got to be paw-fect
However, the company did encounter issues with missed assets, according to Lawrence, particularly those that were either deployed by other vendors or lacked initial cloud agent deployment. The IT head adds that Qualys CyberSecurity Asset Management (CSAM) platform helped identify these gaps by detecting new, previously unrecorded devices.
With guidance from its technical account manager, the petfood firm used Qualys Virtual Scanner to manage and patch any newly discovered assets efficiently.
Lawrence said that integrating these assets helped maintain the company’s security standards, demonstrating the ease and efficiency of the overall deployment process.
On top of this, the firm then implemented Qualys’ vulnerability management, and endpoint detection and response tools.
Since deployment, Lawrence says that his department’s workload has significantly reduced, allowing them to shift responsibilities and attention elsewhere.
“It’s a check-and-balance approach: if a vulnerability reappears on a machine, I know something changed, leading to remediation.”
In terms of investment, Lawrence adds that the cost of automating its patch management outweighs the expense of a potential compromise.
“It’s about understanding where your ROI comes in, and though it’s tough to predict a breach’s cost, imagine the smallest compromise affecting a quarter of your revenue potential – the cost of cybersecurity is minimal compared to that.”
