Cisco at Web Summit 2021: Elevating Female Founders and Driving Small Business Success

This blog article was originally published by Cisco. To view the original article, click here

Small businesses make up 99% of the world’s business population, yet women-led start-ups received only 2.3% of Venture Capital funding in 2020, according to Harvard Business Review. This is particularly concerning in today’s business landscape, where much of the economy’s recovery rests upon small business’ own return to growth.

Cisco at Web Summit 2021: Powering a More Inclusive Future for All

At Cisco, our company purpose is to power an inclusive future for all. Ensuring equitable access to opportunities for all is in our DNA and so naturally, we want to be part of solving this problem.

This month, Cisco attended Web Summit, a global forum that brings people and companies together at the intersection of technology, people and culture. Attendees continue to search for ways to redefine business and the global technology industry whilst driving inclusion. Cisco contributed to this conversation with our focus on hybrid work and demonstrated that by bringing people together no matter where they are, we can bring more voices to the table and be more inclusive.

I was also thrilled to see the ever-growing number of female speakers at the event this year, and had the honour to be part of the incredible line-up. Cisco hosted a Masterclass Session where we heard female founders’ perspectives and gained insights into the hustle behind creating successful lifestyle brands. Attendees were treated to stories, insights and tips from Hannah Mitchell, CEO and Founder of and Hayze Bridal, and Bianca Bridges, CEO and Founder of Breakfast London and Sweathouse.

Hannah and Bianca shared how they’ve leveraged technology, combined with their grit and entrepreneurial spirit, to get to where they are today. Attendees loved the opportunity to connect with like-minded founders, were inspired to take new and bold steps with their business, and met accountability partners to include as part of their personal network to keep them on track with commitments. I’m excited to see how our impact and commitments we made together will continue as attendees connect again with their new accountability partners on November 19th for Women’s Entrepreneurship Day.

You can learn more about Cisco’s presence at Web Summit here.

Read More

Happy Birthday to the ‘Father of Fiber Optics’

If you went to do a Google search today, you probably noticed there was a Google-doodle for Nov. 4 honoring Charles K. Kao’s (known as the ‘Father of Fiberoptic) birthday. Having started as a fiberoptic network cabling company, Compulink would just like to say, happy birthday to the man who pioneered one of the biggest innovations in technology and information sharing over the last 100 years. 

To celebrate, we have compiled a few facts about Charles’ life and impact on the IT world:

  1. Charles was born in 1933 in Shanghai, China
  2. Charles K. Kao received the Nobel Prize in Physics for his “groundbreaking achievements concerning the transmission of light in fibers for optical communication.”
  3. In 1966, Kao and fellow engineer, George Hockham proposed that fibers made of ultra-pure glass could transmit light for distances of miles without a total loss of signal, and in 1970, the first fiber-optic cable was successfully created.
  4. Kao is nicknamed as the “godfather of broadband” as well as the “father of fiber optics”
  5. Kao was knighted by Queen Elizabeth II for his “services to fiber optics 
Read More

Russian SolarWinds hackers have a new target: the global tech supply chain

This Article was originally published on Click here to view the original article.

Microsoft Corp. said the hackers behind the SolarWinds cyberattack are engaged in a fresh campaign to compromise global networks by targeting the tech supply chain, including resellers and providers of cloud technology.

Microsoft attributes the coordinated attack, which was first observed in May, to a group called Nobelium, the same state-sponsored Russian hackers who used sophisticated intrusion techniques in 2020 to infect with malware as many as 18,000 customers of Texas-based software company SolarWinds Corp. More than 140 technology service providers and resellers have been notified as recent targets of the hackers and 14 of them are believed to have been compromised, Microsoft said in a blog on Monday.

Nobelium was also behind an attack on IT companies, governments, think tanks and financial service entities earlier this year that spanned 36 countries, Microsoft announced in June.

When they met in Geneva in the summer, U.S. President Joe Biden said he gave Russian President Vladimir Putin a list of 16 critical sectors that shouldn’t be hacked to deter a cyber response from the U.S. government, but the attacks have continued. The Kremlin, for its part, has repeatedly denied responsibility for any hacking attacks.

This time, between July and October this year, “we informed 609 customers that they had been attacked 22,868 times by Nobelium, with a success rate in the low single digits,” Microsoft Corporate Vice President of Customer Security and Trust Tom Burt wrote. 

The Redmond, Washington-based company said this activity was another indicator that “Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain, and establish a mechanism for surveilling – now or in the future – targets of interest to the Russian government.”

The White House, which issued an executive order in May this year urging the private sector to bolster its cyber defenses, said it was increasing its intelligence sharing and other measures to protect against cyber threats.

The attacks described in the Microsoft blog were unsophisticated operations attempted daily by Russia and other foreign governments. The attackers weren’t attempting to exploit any flaws or vulnerabilities in software but instead using “well-known” techniques to steal credentials, the blog said.

Read More

Comptroller Stringer: Annual Making the Grade Report Reveals City Fails to do Business with More Than 80 Percent of M/WBEs

(New York, NY) – Today, New York City Comptroller Scott M. Stringer released the eighth annual “Making the Grade: New York City Agency Report Card on M/WBEs” report, finding that 84 percent of M/WBEs still do not have access to City spending. The share of M/WBEs receiving City dollars has never exceeded 22 percent since FY 2015. The Comptroller announced that the City fell to a “C-” Grade for M/WBE Spending in FY 2021 after two consecutive passing “C” grades. This year’s report examined the rollout of Chief Diversity Officers across the country, after years of advocacy led to an Executive Order appointing Chief Diversity Officers within every New York City agency.

“Over the last eight years, my office has given voice to solutions from M/WBEs directly on how the City can better connect them with opportunities, which has led to real change. But there is still room for significant improvement,” said Comptroller Stringer. “As this administration prepares to leave office, it is clear that the City, from the next Mayor and Comptroller to the next City Council, have abundant opportunities to address the systemic inequities experienced by communities of color especially as we continue to rebuild our economy amid the COVID-19 pandemic.”

“Making the Grade,” published annually since 2014 by the New York City Comptroller, evaluates the performance of the City’s M/WBE program and makes recommendations for its improvement. “Making The Grade” assesses 32 City agencies – and the City overall – on progress in spending with minority and women-owned businesses (M/WBEs) and is a diagnostic tool for agencies to improve performance and transparency in M/WBE spending, increase competition in City procurement and save taxpayer dollars.

Highlights in the 2021 “Making the Grade” report include:

  • The City awarded $30.4 billion in contracts in FY 2021, of which only $1.166 billion (equal to 3.8 percent) were awarded to M/WBEs.
  • The City has nearly tripled the number of certified M/WBE firms since FY 2015. However, of more than 10,500 certified M/WBEs, 8,886—84 percent—did not receive City spending in FY 2021. The share of certified M/WBEs receiving City dollars has never exceeded 22 percent since FY 2015.
  • The City spent $1.27 billion with M/WBEs, an additional $261 million from FY 2020 and an increase of more than $900 million since FY 2014. The City earned a “C-” grade for M/WBE spending in FY 2021.
  • Since 2014, the City has improved its grades with Asian Americans, Hispanic Americans, and women-owned businesses, but it has been unable to improve its “F” grade with African American-owned businesses over the last eight years. In FY 2021, the City earned a “B” grade with Asian American-owned businesses, a “D” with Hispanic American- and women-owned businesses, and an “F” with African American- owned businesses.
  • Two mayoral agencies: The Commission on Human Rights and Department for the Aging earned their fifth consecutive “A” grades; both spent more than 50 percent of their Local Law 1-eligible dollars with M/WBEs.
  • The Department of Transportation received an “F” grade, spending less than five percent of its Local Law 1-eligible dollars with M/WBEs.
  • In FY 2021, eleven grades remained the same, three agencies improved their grades, and 18 agency grades- over half- declined from FY 2020.
  • The Comptroller’s Office earned its third consecutive “A” grade. Over the last eight years, the Comptroller’s Office increased its M/WBE spending from 13 percent in FY2013 to approximately 53 percent in FY2021.
  • In 2020, Comptroller Stringer announced that the Office’s registration process would now include a rigorous review of M/WBE goals on City contracts. Between November 2020 and May 2021, the Comptroller’s Office registered 63 contracts subject to Local Law 1. Of these, 42 contracts, or about 67 percent, had M/WBE goals below 30 percent.

The Future of Chief Diversity Officers in the Public and Private Sectors

For six years, Comptroller Stringer called for a Chief Diversity Officer (CDO) in City Hall and every City agency to serve as executive-level strategists, driving the representation of people of color and women across government. In July 2020, Mayor Bill de Blasio signed an executive order to appoint Chief Diversity Officers in every City agency. Although there is still no CDO with a citywide portfolio in City Hall, Comptroller Stringer finds growing implementation of the role across the public and private sector:

  • Thirty-six of the 50 most populous cities across the U.S. have appointed CDOs, and more than half of them report to the Mayor or City Manager.
  • Several federal agencies and the Executive Office of the U.S. President have implemented executive-level equity efforts.
  • Hiring of CDOs tripled between December 2019 and March 2021 within the S&P 500.
  • However, just 14 of the City’s top 50 vendors—which have collectively received over $5 billion from the City of New York—have publicly announced CDOs.

Utilization of M/WBEs during COVID-19

In July 2020, Comptroller Stringer’s Office surveyed 500 M/WBEs on the impact of COVID-19, finding that 85 percent of M/WBE firms projected less than six months of survival. A follow up survey from the Comptroller’s Office found that 50 percent of M/WBEs were forced to lay off or furlough employees. This report examines City spending with M/WBEs, finding that:
This report follows up on that survey, finding that:

  • Between March 2020 and July 2021, the City spent over $3.5 billion in COVID-19-related goods and services, and just 16 percent, or $554 million, went to M/WBEs.
  • Specifically, the City spent about $308 million, or about nine percent with women-owned businesses; $161.2 million, or about five percent, with Asian American-owned businesses; $43.2 million, or about one percent, with African American-owned businesses, and $41.2 million, or about one percent, with Hispanic American-owned businesses.
  • Two agencies alone made up more than 40 percent of the City’s total pandemic-related dollars. The Department of Citywide Administrative Services spent over $803 million and just ten percent went to M/WBEs. By contrast, the Department of Sanitation spent more than $732 million, and M/WBEs received 25 percent of those dollars.


Each year, Comptroller Stringer puts forth recommendations meant to reduce barriers and increase opportunities for M/WBEs. These recommendations are informed by needs identified by the Comptroller’s COVID-19 survey, the City’s M/WBE spending data, a series of focus groups with M/WBEs, and the Comptroller’s Advisory Council on Economic Growth through Diversity and Inclusion. As this administration prepares to leave office, we urge the next cohort of citywide leadership to prioritize diversity, equity, and inclusion within their first 100 days of office.

All incoming Citywide officials should appoint executive-level Chief Diversity Officers. The mayoral CDO should oversee the rollout of the City’s programs designed to increase diversity and inclusion within the City, and they should also play a role in the City’s Budget and should have oversight over agency Chief Diversity Officers to ensure a unified citywide inclusion effort In addition, the City Council should consider implementing CDOs, who should conduct racial impact analyses when legislation being considered, where appropriate. Other city officials should also consider implementing CDOs, including the Borough Presidents, the New York Public Advocate, and District Attorneys.

The next City leaders should adopt the Rooney Rule to ensure that their cabinets are diverse, and that they engage with communities of color, including M/WBEs, to develop their administrations’ goals. The Comptroller’s Office worked with more than 30 public companies to adopt the Rooney Rule, which requires them to include women and people of color in every future CEO search, as first adopted by the National Football League. In light of the success of this policy, the City should consider adopting the Rooney Rule for every cabinet-level position.

The next Comptroller should conduct a racial equity audit of the City’s agencies. With the signing of President Biden’s Executive Order On Advancing Racial Equity and Support for Underserved Communities Through the Federal Government, all federal agencies have been mandated to perform an equity assessment to address systemic barriers erected by government which have adversely impacted communities of color. The next Comptroller should mirror this federal effort citywide through an audit of all City agencies. The audit should examine supplier diversity gaps, workforce diversity gaps, pay equity gaps, and agency policies and practices that are systemically biased against communities of color.

The next Mayor should create a plan to close the gap between certification and receiving City spending for M/WBEs. Over the course of the last eight years, the City has almost tripled its list of certified M/WBEs from just 4,000 to almost 11,000 businesses. However, no more than 2,000 M/WBEs have ever received City contract dollars in a given year. Within their first 100 days, the next Mayor should create a plan to close the gap between the number of people in the program and the number of M/WBEs that win contracts.

The New York City Council should reassess M/WBE legislation with a targeted focus on goals. One of New York City’s most powerful tools in creating opportunities for M/WBEs is subcontracting. However, this report has shown that almost 70 percent of Local Law 1-eliglble contracts in FY 2021 were assigned goals below the City’s standard of 30 percent. This translated into just 437 M/WBEs receiving subcontracting dollars in FY 2021 – less than five percent of all certified firms. The next City Council should reassess M/WBE legislation with a targeted focus on goals. The Council should review ways that the City can use its full purchasing power to set aggressive M/WBE goals wherever there is M/WBE availability. For example, it should also explore more flexibility when it comes to criteria for granting waivers, including considerations of market availability of M/WBEs and industry standards around subcontracting. In addition, City Council should also utilize the next disparity study to expand the universe of businesses able to participate in the goals program, such as firms with LGBTQIA+ and disabled owners, immigrant-owned firms, and cooperatives.

To read Comptroller Stringer’s eighth annual Making the Grade: New York City Agency Report Card on M/WBEs” report, click here.

Read More

Compulink Proud to Announce It Has Been Named A Top 10 Government Tech Solution Provider By MYTECHMAG

To view the original press release, click here

New York, (New York) Oct. 11, 2021 

Compulink Technologies, Inc. is proud to announce it has been named a 2021 ‘Top 10 Government Tech Solution Provider’ by MYTECHMAG.

MYTECHMAG is a reputable IT magazine that represents the voice of prominent technology decision makers across the country. Hailed as one of the most significant achievements by the government sector, ‘The Top Government Tech Companies’ is the leading national award that recognizes “[businesses] that have translated their expertise into successful technology deliveries to address the unique challenges of Government.”

“For 35 years, we have provided government clients with best-in-class solutions to help streamline their operations and maximize the efficiency of their budgetary constraints,” said Rafael Arboleda, President and CEO of Compulink Technologies. “Compulink is honored to be recognized for our achievements and to be awarded as a ‘Top 10 Government Tech Solution Provider.’”

The annual award is given to the top 10 government solution providers in the country who “enable governments to adapt to changing environments and support citizens with greater confidence and speed.” This marks a significant milestone for Compulink Technologies, especially considering the obstacles and hurdles that businesses faced in a market-disrupting year where supply chains and distributors had limited stock.

“The strong strategic alliances we hold with our manufacturers has been crucial towards ensuring the continuation of government operations,” said Rafael. “Even though there were severe market shortages, we were able to provide key IT products and solutions to our government clients when they needed them most.”

Compulink sees itself as the best resource for IT services and solutions for the government. They have grown rapidly over the past five years and continue to expand.

“This is a very exciting time in the IT industry because there is always a new tool or technology in the works. Our plan is to capitalize on these emerging new technologies by continuing to add and expand new services and solutions to our portfolio, so our clients have the best resources available to meet their needs,” said Rafael Arboleda.

View the article here –

About Compulink Technologies, Inc.
Compulink Technologies, Inc. was founded in New York city originally as a network cabling installation company, but has since evolved into a leading provider of technology solutions and services. As of 2021, Compulink Technologies, Inc. has helped thousands of companies across multiple industries achieve their IT potential through a customer-focused sales approach and commitment to client satisfaction. Compulink Technologies, Inc. is proud to be an MBE and is dedicated to helping minorities in business find success.

Follow us on social media |
Copyright © 2021 Compulink. All Rights Reserved

MYTECHMAG is a growing digital outlet of informative and digitally oriented content that connects the readers with the latest trends as the industries worldwide pivot towards technology and digital transformation.

Read More

Top 5 Benefits of Utilizing a Managed Network Service Provider

Most businesses assume that the only option for network management is to delegate tasks to an in-house IT team, but that’s the far from the truth. Managed network service providers like Compulink Technologies help provide expert support and service, so you and your team are free to focus on other areas of your business. There are many benefits of utilizing a a managed network service provider, and by entrusting tasks such as security, network administration and backup to a reputable MNSP like Compulink, you can be assured to save money, time and get access to expert engineers who will function as an extension of your own team.
Here are the top five reasons why your team should consider outsourcing to a managed network service provider.
  1. Greater Network Performance – MSP’s like Compulink are better equipped than most internal IT teams to handle the overall performance of a network. A high-quality network performance is imperative for business that want to increase their work efficiency, especially now that teams are more scattered and on remote environments. It is up to the network administrator to ensure that the network’s services are running smoothly, and this takes a lot of time including, monitoring, reviewing and improving the network services. By outsourcing the administrator role to an experienced MSP, companies get access to highly trained engineers that monitor and improve any network discrepancies. This allows for an overall faster network as well as less downtimes. 
  2. 24x7x365 Monitoring and Support – Network outages, security breaches and other troublesome IT nightmare can happen at anytime. Having a staff on-call to monitor and resolve these issues can be extremely costly as well as impractical (what if your top engineer is away on vacation during an outage?). By utilizing a managed network service provider you will never have to worry about one of these costly and potentially business crippling problems. Your team will always have an expert engineer monitoring your network, so you and your team can rest easy and not sweat one of these issues. 
  3. Access to New Technology Solutions – If businesses want to stay ahead of the game, they need to have the latest technology to support their operations. However, this is easier said than done due to the constant innovations in tech and the fast clip at which they arrive. IT leaders are  often left scrambling to find and implement new solutions or upgrades to their network, which can leave businesses at risk of falling behind and losing operational efficiency. Managed network service providers alleviate that burden so you and your team won’t have to. Your MSP will recommend and implement solutions that align with your strategic objectives so you and your team will always have the best solutions and can stay ahead of your competition. 
  4. Controlled Operational Costs – A recent poll (source) found that over 46% of companies that utilized a MSP reduced operation, maintenance, service, hardware, software, and infrastructure costs by at least 25%. There are many reasons why operational costs decrease when companies leverage an MSP such as fixed monthly costs, upgrades are lower since they are usually included in the service plan, and team members do not require as much training since their work is outsourced. 
  5. Flexibility – With all of the aforementioned benefits listed above, your team will have the freedom and flexibility to tackle new projects without having to worry about other mission-critical items. All of the extra time and money you will save by outsourcing to an MSP will give your business the opportunity to get ahead and focus on future projects. 
Read More

Key facts about U.S. Hispanics and their diverse heritage

10 Facts about US Latinos for National Hispanic Heritage month

As an MWBE and business with Hispanic roots and heritage, Compulink is excited to celebrate National Hispanic Heritage month. Latino small-business onwers like Compulink are one of the fastest-growing groups of entrepreneurs in the US. Latino business owners grew by over 34% compared to 2010, yet still only make uo 1% of all business owners in the US, which is why it is so important to keep supporting these businesses as they continue to find their footing as key contributors to the US’ economy. To celebrate one of the nation’s fastest growing racial groups, we gathered 10 facts about US Latinos in honor of the monthlong celebration.

  1. The US Hispanic population reached over 62.1 million people in 2020, a 23% increase from 50 million when it was last recorded in 2010 (source: Pew Research).
  2. National Hispanic Heritage month began as a week-long celebration under President Lyndon B. Johnson in 1968, but was expanded to a month under President Ronald Reagan in 1988.
  3. National Hispanic Heritage month begins on September 15 and concludes on October 15.
  4. September 15, the day the monthlong celebration begins, plays a significant role due to the corresponding anniversaries of independence on the same day for the Latin American countries Costa Rica, El Salvador, Guatemala, Honduras and Nicaragua.
  5. Mexico and Chile also support their independence days on September 16 and September 18, respectively.
  6. Those with Mexican ancestry account for more than 62% of the total Hispanic population in the US (pew research)
  7. North and South Dakota have seen the fastest growth in their Hispanic Populations since 2010 (pew research)
  8. National Hispanic Heritage month honors the cultures, stories, history and impact of US citizens whose ancestors originated from Spain, Central America, Mexico, the Caribbean, and Central and South America.
  9. Hispanic Americans are the nation’s second-fastest-growing racial or ethnic group after Asian Americans (pew research).
  10. Over 80% of Latinos are US citizens (pew research).
Read More

Top 5 Reasons to Utilize a Managed Security Service Provider

Investing in a team of internal cybersecurity experts can be costly, due to the amount of resources dedicated to training, solution upgrades and salary costs. SMB’s and medium-sized businesses are starting to see the increased value in outsourcing their security needs to a managed security service provider for a variety of reasons. Here are the top five reasons to utilize a managed security service provider:
  1. Cost Savings – Cybersecurity is one of the most in-demand positions in the field of IT, and as such, it is also one of the most expensive positions to fill. By hiring out to a MSSP, your team is guaranteed to save money on salary fees, training requirements and other costs associated with hiring an internal security team. Managed security service providers bundle these costs together so that you are able to forecast your budget ahead of time with pinpoint accuracy, and your team always has the option to scale your monthly package up or down, depending on your needs.
  2. Advanced Protection from Threats – Cybersecurity hackers are constantly evolving with the sophistication in their attacks. That is why is so important for businesses to have the latest software and upgrades installed on their network, so that they are protected from the threat of attacks. By hiring out your security needs to an MSSP, your team will never have to worry about updating, installing or purchasing these tools because your MSSP will handle this and will have the insight into what the best tools are as well for your particular environment. 
  3. Rapid Response to Threats – The beauty of hiring an MSSP is that your environment will be closely monitored 24x7x365, so if there is ever a security incident, your team can rest assured that your MSSP will respond to the threat instantly. 
  4. Compliance – Industries like healthcare and the government require security compliance measures, or else they risk fines and penalties. By outsourcing to a company that has a strong knowledge of government compliance and security like Compulink, your team can rest assured that your infrastructure is not only secure, but is also meeting HIPPA and government regulation standards. 
  5. Rest Easy – By outsourcing your security needs to a managed security service provider, you not only save money, get the best tools and have continuous monitoring, you will also have a team of security experts at your disposal that will become an extension of your own team. Let’s face it, monitoring security threats all the time can be exhausting and time-consuming. With our team of security experts, you can rest easy knowing that you are protected so you and your team can focus on other mission critical areas of your business. 
Read More

Top 5 Benefits of Utilizing a Managed Cloud Service Provider

The cloud is the answer for most companies looking to enhance their IT estate, but cloud-based environments also require constant maintenance, support and monitoring in order for them to be effective and secure. By outsourcing these tasks to a managed cloud service provider, like Compulink Technologies, companies can maximize the potential of the cloud and save money and time. Here are the top five reasons why you should utilize managed cloud services. 

  1. Future Technology – By utilizing a managed cloud service provider, you are guaranteed to have the best cloud technicians and engineers working on your environment. There are constant updates, upgrades and new technologies being released and it can be costly and time consuming to train internal staff to support these new releases. Having an expert team of cloud engineers at your disposal means that you and your team can focus on other mission critical areas of you business while still having the latest technology at your disposal. 
  2. Security – It can be difficult to secure a cloud-based environment due to the sheer size and complexity of where your assets live in your environment. These vulnerabilities can expose your network to malicious hackers that exploit the ‘entry points’ to your network if they are not secured properly, which can lead to serious risks for your business. By having a team of cloud experts managing your security, you can be assured that your entire network is fully secured and that there aren’t any exposed areas such as hacking into a printer and getting access to your entire network (one of the most common entry points for cyber attackers). 
  3. Save Money – Maintaining and managing a cloud-based environment can be very time-consuming and costly. Leveraging a managed cloud service provider, like Compulink Technologies, Inc., can help your staff by freeing up their time to focus on other critical areas of your business. Most of the time staffing a full-time IT department can be costly and unnecessary for certain small and medium-sized business, so outsourcing to a managed cloud service provider can help save time and money while also getting access to engineers with high-level expertise in cloud computing. 
  4. Flexibility and Predictable Costs – Once you and your managed cloud provider have had a consultation and devised a plan to support your business needs, you can expect to pay the same monthly costs throughout the year without any deviation. This can be extremely beneficial for being able to accurately forecast your budget needs throughout the year and allows you and your team the peace of mind that extra costs won’t be tacked on unknowingly. And if for some reason your team needs to either upgrade or downgrade your monthly plan, you can do so at any time and still receive an accurate, consistent cost associated with whatever route you decide on. 
  5. Compliance Support –  Government institutions and healthcare providers need to remain compliant with industry regulations, or else they can lead themselves into serious trouble. By outsourcing to a cloud managed service provider like Compulink, we can help you stay compliant and ensure you are in accordance with industry regulations. 
Read More

The Food Industry May Be Finally Paying Attention To Its Weakness To Cyberattacks

This article was originally published by NPR. To view the original article, click here

A recent ransomware attack on the world’s biggest meatpacker is raising questions about cybersecurity in the food industry and about whether the industry is so concentrated in a few hands it is more vulnerable to sudden shocks.

The company, Brazil-based JBS, is a giant in the meat industry, with operations all over the world. The attack forced it to shut down several plants in the U.S. and Australia, which briefly rattled beef markets. But the plants soon came back online, and JBS downplayed the impact, saying it lost less than a day’s worth of production. The company admitted it had paid $11 million in ransom to the hackers.

But according to John Hoffman, a senior research fellow at the Food Protection and Defense Institute at the University of Minnesota, the attack has continued to reverberate. Hoffman says he’s receiving a wave of inquiries about cybersecurity from industry executives who previously were inclined to disregard his warnings.

“People just didn’t accept that it was that big of a risk,” he says. “I think that’s changed today. I’ve already heard from folks in government [that] it’s changed. People are looking at this and saying, ‘OK, we’ve got to do something.’ “

According to Hoffman, many food companies’ computer systems are vulnerable. “If you go to factory floors around this country, you’re going to find a wide range of outdated software still being used, and computer devices that aren’t secure,” he says.

He recalls a visit to one plant a few years ago — he won’t say which company — where he noticed a supervisor sitting at a computer on the production floor, monitoring operations. Hoffman could see it was running an old operating system, Windows 98. He asked the plant manager and a top executive of the company, who were giving him the tour, whether the computer was connected to the internet. “And they say, ‘Oh, no, no. This isn’t connected to the internet.’ “

Hoffman then talked to the supervisor on duty, who acknowledged he could log into that computer from home to monitor and control equipment in the plant. The company hadn’t taken steps to secure that access using, for instance, a virtual private network, or VPN.

“There it is. That’s the definition of vulnerability,” Hoffman says. In fact, food itself is vulnerable, because those computers “are controlling valves and monitoring temperatures, controlling mixes of additives to food. These are part of food safety.”

Hoffman has been pushing for the government to enforce computer security standards in the food industry in the same way it enforces food safety standards. Currently, food safety regulations don’t explicitly address cybersecurity.

Other longtime critics of the meat industry, such as Diana Moss, president of the American Antitrust Institute, are drawing another lesson from the JBS attack. Moss says the industry is too concentrated in the hands of too few companies, so a problem in just one company can disrupt supplies for millions of consumers.

“What we have, in the meat supply chain, is a cartel,” she says. Just four companies, including JBS, slaughter about 85% of the country’s cattle that are raised for beef. Those companies operate giant, centralized slaughterhouses. Moss says a small number of companies also dominate chicken production, flour milling and other kinds of food processing.

“When you have only a few firms, in this critical midstream part of the supply chain — processing, manufacturing — the supply chain becomes very unstable. It lacks resiliency and is very subject to shocks to the system,” she says.

The biggest recent shock was the COVID-19 pandemic when the coronavirus spread rapidly among workers at meatpacking plants. Hundreds of workers died. Companies were forced to suspend operations at some of the largest processing plants, leaving many ranchers and pork farmers with no place to take their animals.

Kathryn Bedell, a rancher in Colorado, says that 60 years ago, “processing was more regionally distributed, and we would have never faced this problem. You wouldn’t have noticed either the pandemic or the JBS [ransomware] problem.”

The U.S. Department of Agriculture appears to be sympathetic to these arguments. The USDA is offering grants to support small and medium-size meat processors, and it recently asked for public comment on ways to build “more resilient, diverse, and secure supply chains.”

The North American Meat Institute, which represents meat producers such as JBS, says the existing supply chain is already resilient. Mark Dopp, NAMI’s senior vice president of regulatory and scientific affairs, told the USDA that during the pandemic, “the industry fared reasonably well in extraordinary circumstances,” and that “suggestions that the government needs to step in and ‘do something’ may be trying to fix something that is not broken.”

A NAMI spokesperson pointed out that the cyberattack on JBS ultimately caused little disruption and said that meat companies reacted immediately to that attack and reviewed their own computer systems to ensure they were secure.

Read More