In June 2021, the food industry received what should have been a tremendous wakeup call regarding cyber security, when cyber criminals employed ransomware to shut down the five largest U.S. beef processing plants owned by JBS S.A.
When cyber criminals hit a food processor of this magnitude or any company or organization of this size it doesn’t go unnoticed in the public eye. If you read between the lines of ransomware and other cyberattacks in recent times, you’ll understand that any food production facility of any size can be a target.
Not only is there a financial or data loss in the event of a cyber incident, but any interruption in food production can lead to food safety issues and waste not to mention lost customers and revenues as well as reputational damage to the brand. Shutdowns due to the COVID-19 pandemic years ago and the subsequent loss of customers who went elsewhere to source the food products they needed, are proof that food processors cannot afford to be sidelined even for a short period of time.
Making a cybersecurity plan
Food processors must focus on increasing their cyber security to reduce risk. They can protect themselves against a devastating cyberattack or recover from one by following these key best practices:
- Do a cybersecurity audit. Automation and data are the drivers of food production, and that creates prime targets for cyberattacks and thus added risk. With every part of a food company’s production system traced, tracked and verified electronically. Software and systems must be monitored and updated. It’s the only way to ensure they are strongly defended.
- Control access for all employees. Employees regardless of their level of employment or years of service, should have access only to the parts of the company network they need to do their jobs. Multifactor authentication and encryption should be mandatory to minimize unauthorized access and passwords being compromised.
- Automate vigilance. Endpoint detection and response can help address continuous monitoring and response to advanced threats. An automated security protocol can kick people engaging in unusual activity off the network. Other automated vigilance includes spam filters, website blockers and an application list to prevent the installation of unauthorized software.
- Train and re-train employees. Human error is still the greatest source of hacker infiltration. Train employees to take precautions and reiterate key security training concepts. Remind and re-train employees regularly on the importance of vigilance. It’s also important to respond to any security incidents promptly.
- Back up data and test the system. It is critical to scan across the entire network infrastructure, including databases. If a cyberattack occurs, quick access to data is key to overcoming the issue. Have data redundancy plans in place, such as a production copy, a local copy and a cloud-based copy and try to ensure that data is properly backed up and easily accessible should a cyberattack occur.
- Prepare incident response plans. Incident response plans should be developed. These plans will define the meaning of an “incident” and identify the leaders who will activate and oversee the plans when an incident occurs. A response plan should include the names of key stakeholders and what their role is in the event of a breach. Plans also must have guidelines for notifying these stakeholders and include a cyber policy that details how to offset costs and allocate resources post-breach.
- Transfer your cyber risk. Minimizing cyber incidents and their negative effects entails in-house management protocols. However, cyber insurance helps transfer that risk to a third party. Cyber insurance is expensive, and nearly impossible to procure without multifactor authentication or endpoint detection. Remember that cyber insurance is part of an overall risk management plan, not the risk management plan itself.
As food production and supply chain companies rely more on automation and collect more data to drive operational efficiencies and maintain food safety, the risk of crippling cyberattacks will rise. Companies should make regular assessments of their cyber security defenses, invest in technology that will protect the company and product, and don’t believe that cyber criminals won’t come after them based on their size, location or products produced.
Processors that make themselves the least-inviting targets with high-level defense mechanisms in place should be able to diffuse most attacks before they even begin.