• Advertise
  • Contact Us
  • About Us
  • Supplier Directory
  • Login
  • Subscribe
  • Logout
  • My Profile

  • CORONAVIRUS
  • LOGISTICS
    • Air Cargo
    • All Logistics
    • Express/Small Shipments
    • Facility Location Planning
    • Freight Forwarding/Customs Brokerage
    • Global Gateways
    • Global Logistics
    • Last Mile Delivery
    • Logistics Outsourcing
    • LTL/Truckload Services
    • Ocean Transportation
    • Rail & Intermodal
    • Reverse Logistics
    • Service Parts Management
    • Transportation & Distribution
  • TECHNOLOGY
    • All Technology
    • Artificial Intelligence
    • Cloud & On-Demand Systems
    • Data Management (Big Data/IoT/Blockchain)
    • ERP & Enterprise Systems
    • Forecasting & Demand Planning
    • Global Trade Management
    • Inventory Planning/ Optimization
    • Product Lifecycle Management
    • Sales & Operations Planning
    • SC Finance & Revenue Management
    • SC Planning & Optimization
    • Sourcing/Procurement/SRM
    • Supply Chain Visibility
    • Transportation Management
  • GENERAL SCM
    • Business Strategy Alignment
    • Education & Professional Development
    • Global Supply Chain Management
    • Global Trade & Economics
    • HR & Labor Management
    • Quality & Metrics
    • Regulation & Compliance
    • SC Security & Risk Mgmt
    • Sustainability & Corporate Social Responsibility
  • WAREHOUSING
    • All Warehouse Services
    • Conveyors & Sortation
    • Lift Trucks & AGVs
    • Order Fulfillment
    • Packaging
    • RFID, Barcode, Mobility & Voice
    • Robotics
    • Warehouse Management Systems
  • INDUSTRIES
    • Aerospace & Defense
    • Apparel
    • Automotive
    • Chemicals & Energy
    • Consumer Packaged Goods
    • E-Commerce/Omni-Channel
    • Food & Beverage
    • Healthcare
    • High-Tech/Electronics
    • Industrial Manufacturing
    • Pharmaceutical/Biotech
    • Retail
  • REGIONS
    • Asia Pacific
    • Canada
    • China
    • Europe
    • Latin America
    • Middle East/Africa
    • North America
  • THINK TANK
  • PODCASTS
  • VIDEOS
  • WHITEPAPERS
Home » Blogs » Think Tank » Three Cyber Soft Spots in the Food and Ag Industry

Think Tank
Think Tank RSS FeedRSS

Technology / Data Management (Big Data/IoT/Blockchain) / Cloud & On-Demand Systems / SC Security & Risk Mgmt

Three Cyber Soft Spots in the Food and Ag Industry

March 28, 2021
Guilad Regev, SCB Contributor
Agricultural Industry

Digitally-enabled supply chains have been great for helping food and agriculture companies pivot and make changes as a result of fluctuating demand. Unfortunately, they also leave companies highly vulnerable.

The food and agriculture industry has seen a 56% increase in vulnerabilities from 2019 to 2020, according to a report by industrial cybersecurity company Claroty Ltd. While a maturation of industrial control systems (ICS) security research and increased adversaries contribute to this rise, digital transformation also played a major role as I.T. systems and operational technology (OT) networks converge. 

These companies face three major risks that threaten continuous operational availability: third-party remote access, malware infection and change in controller operations at remote facilities. 

Third-Party Access

A top threat vector for targeted attacks on OT systems are the individuals or third parties and remote employees who have access directly through OT networks. This can easily impact any part of the supply chain. Traditionally, OT engineers in many cases have shared admin access since they might need access to the process immediately. The sharing of credentials is now highly frowned upon, particularly at a time when many workers are logging into OT environments remotely. Even with site-to-site VPNs, third-party consultants, workers and vendors — and their remote access to networks for routine maintenance — are also a risk. 

This includes any I.T.-connected aspect of the supply chain: systems that regulate or keep track of the produce-growing process; the transportation of raw ingredients from farm to factory; the packaging, shipping and distribution logistics for a finished product. All of these different steps in the process, no matter where it’s being served, are at-risk and need to be closely monitored. 

Malicious Software

The pandemic sped up the convergence of I.T. and OT networks, which can make food and agriculture supply chains run more efficiently, but also expands the attack surface available to adversaries. Ransomware can target facilities that process ingredients or package the product, putting OT systems at risk for a potential attack or breaches. For organizations that have weaked security postures, malware attacks can easily crossover from I.T. systems to the OT environment.

Remote Users

Manufacturers that use water, electric and gas to power their production sites expect these systems to operate the same way every time. However, even a slight change in controller operations at remote facilities can threaten and contaminate the production process. The struggle is that most companies lack granular visibility into these systems outside of their control to understand and explain changes.

This isn’t to say digital transformation should be undone, rather, it must be better secured. Organizations need to have proper protocols in place, especially when embracing industry 4.0 and digital transformation.

Security teams can start by monitoring all connections to better detect changes in operations, especially at remote sites to prevent unwanted external access. Having the ability to observe real-time, remote sessions and manage user access requests based on various factors can help OT leaders safeguard their networks from threats by third-party, unmonitored access.

Given how heavily organizations rely on remote connectivity now, it’s critical to define and enforce access permissions, especially those with privileged access. Riskier processes like packaging or wastewater treatment require more sensitivity when it comes to maintenance operations. These types of remote access may require an additional approval before gaining access to the device. Food and agriculture companies should adopt a multi-tiered network defense model like the Purdue model to mitigate lateral movement when systems are compromised, and protect critical process control assets. It also helps to limit authorized user activity to specific assets on OT networks while keeping corporate I.T. networks separate to prevent any incident spillover. 

With access also comes authentication. Using, sharing and managing passwords have become the norm in today’s remote workforce. Companies should look to eliminate or limit the use of passwords for external users. This can include requiring administrators to approve remote access sessions. Multi-factor authentication also adds another layer to protect against unwanted access. 

Even when it will be safe for teams to return to manufacturing floors, organizations must maintain stringent audit and compliance requirements for remote access. Threat actors constantly look for opportunities to strike and take advantage of workforce changes to gain access to critical networks. To lessen the risk, food and agriculture companies must stay diligent with capturing and documenting remote access session activity and credential usage to meet compliance requirements and ease future forensic analysis. 

With a better understanding of the cyber risks to their supply chain, food and agriculture companies can take the appropriate measures to reduce their risk and move forward with more confidence. These best practices of monitoring all connections, defining and enforcing privileged access control, verifying authentication and maintaining audit and compliance requirements can help better secure OT environments and extend the value of digital transformation efforts. 

Guilad Regev is senior vice president of global customer care at Claroty.

RELATED CONTENT

RELATED VIDEOS

Wake up to Coronavirus Updates and the latest Supply Chain News!

Subscribe to our Daily Newsletter

Timely, incisive articles delivered directly to your inbox.

Popular Stories

  • Coronavirus-watch-Armada

    Virus Update: Australia Won’t Buy J&J Vaccine; India Approves Russia’s Sputnik V Vaccine as Cases Soar

    Coronavirus
  • Shipping Costs

    Higher Shipping Costs Are Here to Stay, Sparking Price Increases

    Coronavirus
  • Semiconductor

    Why Shortages of a $1 Chip Sparked a Global Economic Crisis

    Coronavirus
  • Indoor Farm

    Vertical Farming: A Solution to Waste and Inefficiency in the Food Supply Chain?

    Sustainability & Corporate Social Responsibility
  • Robotic automation

    The Impact of Robotics on Supply Chain 2.0

    Coronavirus

Digital Edition

Scb feb 2021 lg

2021 Supply Chain Management Resource Guide

VIEW THE LATEST ISSUE

Case Studies

  • Remote Implementation: A Dose of the Right Medicine for B2B Pharmacy

  • LSP Saves Customer $1.5 Million a Year With MPO Global Inbound Management

  • Auto Supplier Wows Key Client Using riskmethods Supply Chain Savvy

  • Integrating Shipping and Compliance Saves Conglomerate Millions

  • How a Consumer Goods Giant Upped Its On-Time Delivery Performance

Visit Our Sponsors

Yang Ming 6 River Systems ArcBest
Armada aThingz BluJay
Burris Logistics DSC Logistics DCSA (Digital Container Shipping Association)
DHL Resilience360 Flash Global Genpact
Geodis GEP GreyOrange
Honeywell Corporate Honeywell Intelligrated Infor
Inmar Kibo Commerce Kinaxis
Logility Magnitude Software MPO
Old Dominion Oliver Wight OpenSky
Paccurate Ports America Purolator
QAD Precision Red Classic Riskmethods
S&H Systems Snapfulfil TGW Systems
Tradepoint Atlantic Transportation Insights Watson Land Company
Westfalia Technologies Workjam
  • More From SCB
    • Featured Content
    • Video Library
    • Think Tank Blog
    • SupplyChainBrain Podcast
    • Whitepapers
    • Webinars
  • Digital Offerings
    • Digital Issue
    • Subscribe
    • Manage Your Subscription
    • Newsletters
  • Resources
    • Events Calendar
    • SCB's Great Supply Chain Partners
    • Supplier Directory
    • Case Study Showcase
    • Supply Chain Innovation Awards
    • 100 Great Partners Form
  • SCB Corporate
    • Advertise on SCB.COM
    • About Us
    • Privacy Policy
    • Contact Us
    • Data Sharing Opt-Out

All content copyright ©2021 Keller International Publishing Corp All rights reserved. No reproduction, transmission or display is permitted without the written permissions of Keller International Publishing Corp

Design, CMS, Hosting & Web Development :: ePublishing