Cybersecurity is nothing new. The concept of cybersecurity dates back to the 1970s with Creeper virus, for some industries, and yet is still not a top priority. It’s perceived that certain industries (like banking and finance) are more at risk than others, the fact is that any industry delivering IP, revenue, and/or products in their value chain through technology is ‘fair game’ for a cyber-attack. And as technology advances so do cyber-attacks and industries that were thought to not be at risk are now targets for hackers.
The food industry has never been at the top of cyber-attacks, but as food production and distribution becomes global, ‘threat actors see the world’s dependence on a well-established food supply chain as an opportunity to use malware, such as ransomware, as leverage to achieve their nefarious aims.’[1]
Recent cyber-attacks to the food industry, such as JFC International in March 2021 and Loaves & Fishes in August the previous year have also raised industry concerns. And as the industry changes and becomes increasingly more dependent on technology to drive efficiency and production gains whilst keeping, keeping prices low with global distribution, it has generated a new type of concern and opened up new threats.
Mark Brown, Global MD for Cybersecurity and Information Resilience, Consulting Services at BSI, mentioned that: “Considering the risks of a cyber-attack, the good news is savvy food organizations around the world have started to take another look into their processes, their people, and technologies, and ensure ways to stay protected. In the fight against cybercrime, organizations must install multiple layers of complementary protection, from IT systems to network capabilities, routine procedures, and data protection. This last one is of extreme relevance when addressing cybercrime because reputational damage is one of the main outcomes of a cyber-attack, as ‘the value of a business depends largely on how well it guards its data, the strength of its cybersecurity, and its level of cyber resilience.’[2]”
“Although commonly understood as an IT skill and responsibility, cybersecurity goes beyond the IT team to be considered a C-suite concern” Mark added. It is not uncommon for food organizations to discuss food safety and food quality within their boardroom agendas, cybersecurity should be addressed in the same way, especially if boardroom discussions include digital innovation and technological improvements.
A recent article in IoT news magazine described an ingenious invention where an Ingestible IoT sensor monitors the health of livestock. The rise of new automation systems designed to improve food production quality and quantity is on the rise. More and more food producers and distributors are addressing their challenges with the aid of technology. Nowadays ‘large farms and ranches use automated and connected systems for everything from tractor autosteer systems to crop moisture testing to automated distribution warehouses’[3]. This digital transformation in food, and industry in general, is known as Industry 4.0, pinpointing the moment where cyber-physical systems; the internet of things (IoT); operational technology (OT), and networks took over from their 1970’s predecessors (automation; computer and electronics).
If industry 4.0 has changed the way we produce and distribute food, it has also changed the challenges faced by food producers and distributors. In 50 years, robotics and processes may be the biggest IT challenges faced by a food manufacturer. With Industry 4.0, these challenges now reflect new dynamics and often unknown or invisible threats. The new ‘smart’ world where everything is connected helps speed production and address worldwide food shortages in a manner of minutes, however, it can also hide new threats.
BSI has been raising awareness of these topics in a webinar series led by BSI experts and guest speakers discussing cybersecurity challenges across the industry. The series highlights the risks and solutions that can be addressed by the CEO, CFO, COO, CPO, and CMO’s focusing on the topics of industry 4.0, IoT and OT, and data privacy.
The last webinar of this series highlights the hidden cybersecurity risks associated with this Industry. In a joint session with WootCloud Inc. (a BSI technology partner), we will address solutions to uncover hidden cyber threats and how organizations can protect their business and people from cybercrime. Register here to attend the December webinar.
[1] Cybersecurity in the Food and Agriculture Industry | Cybersecurity Guide
[2] Cybercrime To Cost The World $10.5 Trillion Annually By 2025 (cybersecurityventures.com)
[3] Cybersecurity in the Food and Agriculture Industry | Cybersecurity Guide
