A roadmap for adapting cyber security guidelines for small and medium sized food manufacturers

Cyber security (CS) is becoming increasingly important in all industries. This paper closely examines this development in the food industry. Currently, the government recommended CS standards focus on general and generic aspects and do not consider industry specific points in Germany or the US. Although an industry specific guideline for companies operating in the food industry is available in Switzerland, there are still some difficulties in its implementation. In addition, small- and medium-sized enterprises(SME) have even larger issues to address due to for example a lack of resources. This thesis therefore presents the development of a roadmap for CS experts regarding how existing CS guidelines can be adapted and extended for SMEs operating in the food industry. During several interviews with SMEs in the food industry as well as with CS experts from Germany and Switzerland, some points of action were revealed, which were then checked against existing government-recommended CS guidelines from Switzerland, Germany, and the US through an extensive literature comparison. The comparison showed that the demanded points of action are not fully addressed in existing standards and that the developed roadmap can provide useful contributions. In summary, according to the interview findings, the food industry would benefit by implementing this roadmap to obtain a tool to secure SMEs in the food industry.