-
Industrial
- Healthcare
-
Commercial
- Public Sector
- Threat Research
- Partners
-
Resources
Featured Content
- Company
Blog / 10 min read
Like many other critical industries, the food and beverage industry has reaped significant rewards from the advancements brought about by digital transformation. Technologies such as the internet of things (IoT), industrial internet of things (IIoT), industrial control systems (ICS), artificial intelligence (AI), cloud computing, and big data have transformed the way food is produced, distributed, and consumed. This heightened level of automation has enabled companies to increase efficiency and reduce costs by streamlining processes, improved quality control by reducing the risk of human error, and enhanced food safety by reducing the risk of contamination. Although automation, the connectivity between information technology (IT) and operational technology (OT), and the use of cyber-physical systems (CPS) have greatly benefitted food and beverage companies, they have also brought about major challenges when it comes to industrial cybersecurity.
CPS in the food and beverage industry are being used to optimize processing and inform operational decisions, but have also given rise to concerns regarding cybersecurity, as these systems increasingly interact with the physical world.
The convergence of IT and OT has had a significant impact on the food and beverage industry, enabling companies to analyze data in real-time to optimize production and improve efficiency. IIoT sensors and other OT technologies have allowed companies to enhance quality control by monitoring temperature, humidity, and chemical composition. Increased automation and improved food safety have also been key results of IT/OT convergence, allowing for a reduction in the need for manual labor and improvement of safety and food quality.
All of these benefits, however, are quickly being outpaced by cybersecurity risks as the attack surface continues to expand. Furthering the issue are the legacy OT systems used in food and beverage operations, these systems were not developed with cybersecurity in mind, and may be running on outdated software — leaving them particularly vulnerable to attack. Food and beverage companies also must contend with the fact that they many times lack the cybersecurity expertise necessary to secure their OT systems, leading to security gaps that are ripe for exploitation.
According to the United Nations, the world population is estimated to reach 9.8 billion by 2050, and 11.2 billion by the end of the century. This alarming escalation will lead to a major stress on food production and delivery.
As the demand for food increases, so will pressure on agricultural production systems to produce more food in less time, and with fewer resources. This means an increase in land use, putting pressure on natural ecosystems, and leading to issues pertaining to sustainability. It also will lead to water scarcity, by putting pressure on water resources — causing competition for water between agriculture and other sectors. Lastly, stress on food production can lead to food waste, causing myriad of issues such as resource inefficiency, adverse effects on the environment, and hazards to food safety.
As the food and beverage industry works to combat the issues caused by a rapidly growing population, the solutions will only bring increased cybersecurity risk. These risks include a reliance on technology as processes become further automated and digitized, leading to increased vulnerabilities. As we can see, stress on food production is directly related to IT/OT connectivity, as organizations attempt to combat this challenge with the use of IIoT sensors, controllers, and industrial control systems — leading to an expanded attack surface and leaving previously “air-gapped” OT systems at risk. Furthering the issue is increase in globalized production and connectivity, leaving supply chains vulnerable by opening them up to a risk of attacks on logistics and transportation systems.
Our third food and beverage industry challenge lies with the need for increased sustainability. As food production increases to meet a growing demand, we will see the impacts on climate change and environmental degradation.
According to this United Nations report, the food sector contributes to about one-third of the world's total greenhouse gas emissions, and almost two-thirds of freshwater withdrawals annually. Throughout the industry, power consumption is extremely high, as energy is needed for processing, growing and harvesting crops, transporting food to processing facilities, and packaging — which also contributes to a considerable amount of harm, piling up in landfills and polluting land and seas. As more food is being produced, we also see a growing challenge with food waste, as the waste that is disposed of ends up in landfills and causes significant amounts of greenhouse gas emissions when decomposing.
Food and beverage companies have become increasingly aware of these challenges and the need for sustainable practices, and have slowly made a push towards sustainability; however, these practices have had a significant impact on cybersecurity. Through the use of connected devices, the food and beverage industry has adopted sustainable practices like precision agriculture and smart packaging. Although these advancements have helped the environment, they have also furthered the IT/OT connectivity challenge by creating new security risks, and giving attackers the opportunity to exploit vulnerabilities in their software or hardware. The adoption of sustainable practices have also required companies to have a greater reliance on data, collecting environmental metrics and supply chain information to optimize efficiency. This heavy data collection could leave organizations more vulnerable to attacks aiming to steal the information or disrupt its availability.
As we can see, the 3 major challenges facing the food and beverage industry are closely interconnected. As one issue becomes more severe, it also impacts the other two — making remediation more difficult. That’s why protecting these interconnected systems and data from cyber attacks is crucial to maintaining the integrity and security of the entire food production process.
A notable attack that has shaped food and beverage cybersecurity was a ransomware incident targeting the world’s largest meat supplier, JBS Foods. During the attack, hackers demanded a ransom of $11 million after shutting down some of the company's plants and distribution operations. This disruption was particularly harmful for a company like JBS who has low tolerance for downtime, with its massive scale and 24/7 production schedule. Aside from financial impact, this massive disruption to meat production and supply led to shortages in meat products, higher prices, and concerns regarding food security — a major challenge already plaguing the industry. It also caused the company reputational damages, undermining consumer confidence. Overall, the incident highlighted the vulnerability of critical infrastructure to cyberattacks, particularly in the food and beverage sector, and underscored the importance of implementing cybersecurity measures. This wake-up call prompted global awareness as giants of the global food industry become increasingly targeted by attackers.
Another significant ransomware incident targeted a farm services cooperative with 60 locations operating in Iowa. The organization, NEW Cooperative, faced an attack similar to that of JBS Foods, in which attackers demanded a $5.9 million ransom. The attack caused delays and disruptions to operations for several days, affecting the company's computer systems, email, and phone systems — leaving them unable to receive and fulfill orders from customers. Similar to that of JBS, aside from disruption to operations, NEW Cooperative also suffered financial losses and reputational damage, undermining the organization's ability to protect their data and systems. This incident prompted the U.S. Agricultural Secretary to urge cooperatives to harden their defenses against cyberattacks to avoid any disruptions to the nation’s harvest. The attack coming right on the heels of the JBS incident has underscored the need for increased investment in cybersecurity measures throughout the food and beverage industry, so companies can effectively protect their critical infrastructure and ensure the resilience of the food supply chain.
Complying with required regulations and recommended standards can be extremely complex for food and beverage companies. But, it has become increasingly important for companies to understand the relevant regulations and standards that apply to their operations in order to improve their cybersecurity posture. The Food and Drug Administration (FDA) Food Safety Modernization Act (FSMA) is one regulation that enables the FDA to focus on preventing food safety problems rather than reacting to problems after they occur. These provisions ensure safety and security of the food supply chain by requiring food facilities to implement preventative controls to minimize cybersecurity risks. Another widely recognized standard is the International Organization for Standardization (ISO) 27001. This standard provides a framework and guidelines for establishing, implementing, and managing an information security management system (ISMS). Following these guidelines will allow food and beverage organizations to implement effective security controls to protect against cyberthreats in an increasingly targeted industry. Although there are many regulations and standards in the food and beverage industry, one last set of best practices we would like to focus on is the National Institute of Standards and Technology (NIST) Cybersecurity Framework. This framework seeks to help critical infrastructure owners and operators manage and reduce cybersecurity risk. Although this framework is voluntary, it is recognized worldwide, and serves as a guide for organizations to reduce their cybersecurity risk in a way that complements their existing risk management and cybersecurity processes. Implementing and adhering to the above cybersecurity standards and regulations is not an easy task, but with a food and beverage cybersecurity solution, like those offered by Claroty, organizations can simplify compliance with requirements and support best practices.
Securing the OT environments that underpin food & beverage processing, production, and packaging requires that companies follow three key principles:
The key principle in securing OT in the food and beverage industry is to gain visibility into all CPS within your environment. By maintaining a comprehensive inventory of all OT, IoT, IIoT, and BMS assets that underpin your OT environment, across each plant, companies can build a foundation for effective industrial cybersecurity. Understanding what needs to be secured with granular device details, and is key in forming an effective cybersecurity strategy.
Many cyber-physical systems use proprietary protocols and legacy systems that are incompatible with traditional IT solutions; however, that does not mean they don’t have a place in OT. In order to successfully secure the environments that underpin the food and beverage industry, Claroty encourages companies to extend their existing tools and workflows from IT and OT. Instead of expanding your organizations already existing tech stacks, Claroty simply integrates with them — allowing food and beverage companies to further optimize use cases and governance areas from your IT to OT environment.
Many OT environments lack essential cybersecurity controls and consistent governance, unlike their IT counterparts. Once enterprise-wide visibility is established, and existing IT tools and workflows are integrated with OT, Claroty can help eliminate that gap by extending IT controls to OT. By unifying your security governance, Claroty can help drive all use cases on your journey to cyber and operational resilience.
For many food and beverage companies, the benefits of automation, IT/OT connectivity, and CPS have been outpaced by industrial cybersecurity risks. As we’ve noted in this blog post, ransomware and other attacks have continued to exploit security weaknesses throughout many company’s extended internet of things (XIoT), affecting production availability, integrity, and safety. Mitigating these risks, and establishing cyber and operational resilience, requires a new approach that extends beyond traditional IT solutions. By teaming up with Claroty, food and beverage companies can implement the three key principles for securing their OT environments, and ensure that they comply with notoriously complex standards and required regulations in their industry.
