Everyone is talking about Industry 4.0 or even 5.0. Seems like no one can escape digitalization. Just like food producers. The digitalization offers great opportunities – but where there is opportunity, there is also risk.
The work of every food processing company is based on data that they secure online and that must be protected from external parties, in our case hackers. If the companies data were to be manipulated, deleted or stolen, this could have far reaching negative consequences. Production can be shut down! For how long? Might we even run out of food? Laboratory results could also be manipulated! Might we be consuming toxic foods without knowing it?
According to the GFS Report, 62% of Swiss SMEs have already been victims of cyberattacks. In contrast, 90% think they are at low risk of losing their business to cyberattacks. Furthermore, it is said that 63% of the successful cyberattacks could happen due to negligence within the company e.g., employees.
Thereby the size of the company says nothing about how well its data must be protected. Even small companies can have just as valuable and sensitive data as large ones.
Not only the constantly evolving technology is a challenge for the cyber security of factories but also the budget, resources, priorities and knowledge. But even when a company believes its system is secure, there are always new ways for hackers to gain access. The more complex a system, the larger the attack surface.
Ultimately, the priority of cybersecurity for the food industry should rise, as it is not a question of if, but WHEN an attack will happen.
Regarding the Food Industry there are more specific suggestions such as implementing a CHACCP (Cyber Hazard Analysis Critical Control Point). The HACCP principle to ensure the quality of food has existed for a long time in the food industry. This approach of hazard identification and control can be applied to cyber issues. The implementation of ISO 27001 not only at the factory but also at key suppliers is relevant. It is also important that staff are made aware of and trained in cybersecurity since they are still the main source to let the hackers into the factory.
As a food science student myself, I will probably work in a food producing factory. Thus, it will be my responsibility to be able to produce food and to do so safely in terms of both production and quality. Consequently, nowadays it will also my responsibility to protect food production from hackers.
Saskia B.
Sources:
Asprion, P. and Moriggl, P. (2022). Data and Ethics. Fachhochschule Nordwestschweiz. Lecture Script.
Gfs-Zürich. (2017). Cyberrisiken in Schweizer KMUs: Befragung von GeschäftsführerInnen in Schweizer KMUs. https://gfs-zh.ch/wp-content/uploads/2017/12/Schlussbericht_CyberriskKMU_12122017.pdf
Werran, R. (n.d.). 9 reasons cybersecurity matters for food industry. Bsi. https://www.bsigroup.com/en-US/blog/food-blog/cybersecurity—the-silent-assassin-post/
Image Sources:
https://xtalks.com/the-growing-importance-of-food-industry-cybersecurity-2858/
FoodArchitecture 