Industry Topics

Cyber Security


FMI remains committed to improving security through ongoing initiatives. Although we cannot prevent a cyber-attack or data breach from occurring, we can manage risks through education, process improvements and technology enhancements or additions.

If you have any questions, please contact Rhett Asher.

LATEST NEWS

Newest Member Resources

Operational Guidelines for Mitigating and Responding to a Data Breach 
This manual offers step-by-step guidelines on how to protect, react and respond to cyber security issues and concerns. 

Recommended Guidelines for Protecting Digital Assets 
This document serves as a reference and template for both review and potential implementation within FMI member companies. This document can be used in parts or in whole depending on the unique nature of each individual company.

Third Party Notification Letter Template
After reviewing the Cyber Corner post on vendor management, this template can be used to create your own third party notification letter. 



Just in Time Breach Alerts

FMI is working with our consultant partners at Fortalice, LLC and federal law enforcement to bring you the most up-to-date information and resources in the fight against cyber-crime and data security. We are constantly monitoring all data breach incidents within the retail industry and sharing “Just In Time Alerts” with you when a breach happens or other important information is released - in an effort to ensure FMI members receive as much information as possible to mitigate risk to their organizations.

Cyber Corner Posts 

Each month, FMI provides food retail industry-specific cyber security information in its "Cyber Corner." These key topics will be supplemented with additional content including guidance on best practices, and practical steps. You can also learn about products that FMI is providing as part of an ongoing membership benefit.

Webinars

  • Building a Strong PasswordNEW Provided by FMI's Trusted Cyber Partners Fortalice Solutions, this webinar demonstrates why strong passwords are vital in cyber security and how to build strong passwords. For additional information, click here.
  • Cybercrimes Webinar FMI, in conjunction with the International Association of Interviewers (IAI), recently collaborated on a webinar featuring two industry experts from Fortalice, LLC who offered new perspective on emerging threats for cybercrimes.

Communications Resources


State Resources

  • Security Breach Notification Chart - Perkins Coie's Privacy & Security practice maintains a comprehensive chart that summarizes state laws regarding security breach notification.  The chart is for informational purposes only and is intended as an aid in understanding each state's unique security breach notification requirements.  Lawyers, compliance professionals, and business owners have told us that the chart has been helpful when preparing for and responding to data breaches. 

Tips and Tools

  • US-CERT- tips and advice on common security issues for non-technical computer users.
  • US-CERT Posters and Brochures - guidance on physical and cyber security and how to report suspicious behavior, activity, and cyber incidents.
  • US-CERT Mailing Lists and Feeds -  variety of products including the National Cyber Awareness System and Current Activity updates. The National Cyber Awareness System was created to ensure access to timely information about security topics and threats.
  • Cyber Security Evaluation Tool - tools to assess a company's control system and information technology network security practices against recognized industry standards.
  • NIST Glossary of Key Information Security Terms - glossary of terms and definitions most commonly used in NIST information security publications and in CNSS information assurance publications.
  • Guide to Better Passwords - It is important to remember why strong passwords are crucial: passwords are often the first (and possibly only) defense against intrusion.
  • Common Sense Guide to Mitigating Insider Threats - practices that organizations should implement to prevent and detect insider threats, as well as case studies of organizations that failed to do so.

General Resources:

  •  2014 Security Predictions - predictions to help prepare your network defenses for a safe and secure 2014.
  • 2014 Global Security Report – a valuable resource for businesses (free download from Trustwave).
  •  2014 Data Breach Investigations Report - this year’s DBIR combines the expertise of 19 organizations from around the globe. Download the report to discover stats that might surprise you—from the percentage of espionage-related attacks to the astonishing length of time it often takes to spot a security breach. By knowing today’s threats, you can better protect your organization tomorrow.