By Kristin Demoranville
Incorporating safety programs into an organization’s culture is paramount in the food industry, where the integrity of the food supply chain is critical. Different safety program cultures, such as fire safety, food safety, and cybersecurity, must work together and be ingrained into an organization’s daily operations.
In today’s world, integrating cybersecurity programs into an organization’s safety culture is equally important as fire and food safety programs. Fire safety culture is an excellent example of cultural training in practice. After all, most of us recall the familiar phrase “stop, drop, and roll.“ While the exact words may differ across countries and languages, it is a simple, memorable method for extinguishing a fire on oneself. Fire safety also isn’t just about preventing fires but aims to minimize damage to property and life through practicing fire drills, installing smoke detectors, and using fire-resistant materials.
Proactive cybersecurity involves planning to prevent cyber-attacks and their impact on the food supply chain’s safety and security.
Similarly, proactive food safety practices involve measures to prevent contamination, such as proper sanitation, food storage, and regular equipment maintenance. Likewise, the growing dependence on technology in the food industry has made it indispensable to any food plant’s safety program. Computers are now integral to the food industry. They control everything from ingredient mixing to cold storage, drone use, supply chain logistics, and more, and unfortunately, these systems are susceptible to cyber–attacks. In 2021, a ransomware cyber-attack on a milk distribution company in Wisconsin, USA, caused a large milk processor to shut down a plant and dispose of their expensive product.
Cybersecurity incidents can significantly affect an organization’s reputation and finances and even result in loss of life. Proactive cybersecurity involves planning to prevent cyber-attacks and their impact on the food supply chain’s safety and security. It also incorporates cybersecurity measures and education into the food safety and security strategy. Effective collaboration between the food safety, IT, and security teams is crucial for achieving a unified culture. Cross-organizational collaboration ensures that suitable cybersecurity measures are integrated into the overarching strategy, which prevents cyber-attacks from jeopardizing the integrity of the food supply chain.
As you integrate cybersecurity programs into your organization’s culture, consider the following simple checklist of action items:
In conclusion, cultural integration is essential for ensuring the safety and security of the food supply chain. Accomplishing an integrated food resiliency culture necessitates investing in preventive measures, an efficient plan for rapid and effective response, education, and collaboration between different teams.
Like the fire safety mantra of “stop, drop, and roll,” during a cyberattack, one should “stop, report, and mitigate.” Create a memorable method for dealing with a cyber-incident and make it common knowledge.
Stop: Immediately cease any activity that may exacerbate the situation or compromise the system’s security. In cybersecurity, “stop” means recognizing when a potential cyber threat or attack is occurring and taking immediate action to prevent further damage. This may include disconnecting the affected device from the network, stopping any ongoing processes, or refraining from clicking on suspicious links.
Report: Promptly notify the appropriate parties, such as the IT or security teams, of the suspected threat or cyber-attack to initiate a rapid response. “Report” emphasizes the importance of communication when a cybersecurity incident occurs. Employees should be encouraged to report suspicious activity or potential cyber threats to their IT or security teams without fear of repercussions. Timely reporting can minimize damage and speed up the recovery process.
Mitigate: Implement measures to contain the impact of the threat or attack and initiate recovery procedures to restore normal operations as soon as possible. “Mitigate” refers to taking action to minimize the damage caused by a cyber threat or attack and to prevent its spread. This may involve isolating affected systems, removing malware, patching vulnerabilities, or initiating a business continuity plan to ensure minimal disruption to the organization’s operations.
By investing in these action items, the food industry can minimize potential threats and ensure the safety and security of food for the public.
Stay ahead with the latest in Food Safety! Free subscription, unlimited access. Sign up now!
About the Author:
Kristin Demoranville is the Founder and CEO of AnzenSage, a cybersecurity resilience firm specializing in the food sector. She holds a B.S. in Environmental Management and has 25 years of experience in technology and cybersecurity. Her unique blend of operational technology, cybersecurity, and risk management knowledge equips her to address the food industry’s distinct challenges.