The food and agricultural sector accounts for a large share of our economy with more than 2 million farms, more than 900,000 restaurants, and more than 200,000 food-related facilities yet it is almost entirely privately owned. It is also linked to other critical infrastructure sectors like the water and wastewater systems, transportation systems, energy sector, and chemical sector.
Its vulnerabilities were exposed during the COVID-19 pandemic where facility shutdowns, labor shortages, and energy problems disrupted both supply and demand chains. These issues are further compounded by successful cyberattacks on the food industry because of outdated security, poor coordination among businesses and government, and a lack of emphasis on cybersecurity within the food and agricultural industry.
A prime example occurred in May 2021 when a ransomware attack by a Russian group on JBS, the world’s largest meat supplier, resulted in increasing prices and delayed shipments. The University of Minnesota published a report in 2019 describing the main reason that the industry is frequently targeted, the lack of knowledge and awareness of food companies creates gaps in defense systems against cyberthreats. The increasing automation and interconnectedness used in the food industry are not bolstered by software with effective security features and technology. Moreover, with the monopoly of the food and agriculture industry by four major companies, resilience in the industry is severely hampered.
To combat the vulnerability in the food and agricultural sector, the authors have several recommendations:
- create a closer working relationship between companies and government agencies;
- develop guidelines and regulations for security standards;
- promote a culture of cyber safety;
- enhance communication between IT professionals and operations personnel;
- enforce and update security measures;
- conduct regular risk assessments; and
- establish a intelligence component within USDA.
Read the full analysis of the article here