Revised guidelines to protect your business from deliberate attack

Posted: 24 November 2017 | | No comments yet

Britain’s Food Standards Agency (FSA) has revised its guidelines to food and drink manufacturers on protecting their businesses from deliberate attacks.


DON'T GET CAUGHT OUT: The reviewed guidelines give producers an insight in the motivation behind deliberate attacks

Fresh amendments have been made to a series of guidelines aimed at giving manufacturers the tools they need to safeguard their businesses from a range of threats.

The Publicly Available Specification (PAS 96) 2017 Guide to Protecting and Defending Food and Drink from Deliberate Attack is now in its ninth year and fourth edition.

On its 60-odd pages, including appendices, the threat food manufacturers face is broken down, advice given on how to assess for that threat and what to do if the worst does happen.

It aims to fill a gap left by the Hazard Analysis Critical Control Point (HACCP) principals which set out to tackle accidental contamination. These principals, though adopted globally, do not address the problem of deliberate attacks on systems and processes, the report says.

The update from 2014, when the last edition was brought out, has made a handful of alterations and additions. These include changes to the case studies offered by the types of threat. It provides more recent examples in economically motivated adulteration and several extra examples of cyber-attacks, assessments for the Threat Assessment Critical Control Point (TACCP) team have been added and there is now advice given on how companies can manage a cyber attack.

The FSA identifies six key types of threat and provides several case studies for each. These include: economically motivated adulteration, in which the perpetrator is often the manufacturer themselves trying to gain financially; espionage, in which a competitor is seeking commercial advantage; and malicious contamination, where the motivation can range from the desire to cause widespread illness or death to publicity.

The document offers profiles of the kind of people likely to deliberately damage food and drink products. The extortionist, for example, wants to gain financially without being caught. The disgruntled individual “believes the organization has been unfair to them and seeks revenge. The irrational individual, conversely, has no clear motive and has distorted preoccupations or priorities.

Threat Assessment Critical Control Point (TACCP) is offered by the FSA as a way in which food businesses might understand their risk, reducing it and consequences of an attack.

Related organisations

Related regions