From sorting to safety and compliance, artificial intelligence (AI) has become a critical component in food and beverage production, comprising a $3.1 billion market in 2020, with expectations of it reaching nearly $30 billion by 2026.1
Despite its promise, the increased use of AI and automation in the food and beverage industry creates greater risk of cybercrime.
A ransomware attack temporarily shut down most of JBS’ U.S. operations in 2021, stalling nearly a fifth of the nation’s beef, pork and poultry production.2 The hack was one of 40 similar cyberattacks on food and beverage companies in 2020.3
It’s all about control systems
Although network systems are always at risk, it’s the security over control systems — which regulate the work and production environment — that are particularly important when implementing AI or any computerized automation system. That’s because a cyberattack on a food production control system has the potential of compromising employee and food safety.
For instance, a hack into a chicken processing plant’s automated ovens may result in undercooked batches of chicken, causing an enormous food safety issue. Or a cyberhacker could lock freezers and refrigerators, demanding a ransom for reopening.
Going beyond standard security to protect control systems
Protecting control systems against cyberattacks and knowing how to recover after an incursion requires a holistic risk management strategy. Here’s six steps towards getting there:
- Segment the network: Separating the computer system that handles AI and control systems from the main network, when possible, helps contain attacks on the main network from spreading to the control system. This is particularly important if running old or unsupported machinery, or control systems software.
- Audit control systems security and implement anti-malware software: Anti-malware protection isn’t just for keeping accounts receivable from getting hijacked, it also helps keep control systems safe. A thorough security audit, vulnerability scan or penetration test of control systems will indicate where additional safeguards are needed.
- Automate more than the control system: It’s important to monitor for and respond to advanced threats. Automated security protocols that include spam filters, website blockers and blocked applications can help identify and deter suspicious activity. Multi-factor authentication, endpoint detection and response tools, and security information and event management (SIEM) centralized log monitoring have become vital protections.
- Employee cybersecurity training: Whether it’s for a food and beverage operation’s primary computer network, its AI, or other control systems, the human element still remains the hardest to control. Training employees on cybersecurity threats and how to protect the organization is essential.
- Have a business continuity plan: A predefined recovery plan of the control system includes everything from identifying alternative suppliers to documenting manual workarounds for automated tasks. A comprehensive Business Continuity Management plan should include a cyber incident response plan and provide an integrated framework that builds organizational resilience.
- Get cyber insurance: Cyber insurance is a critical component of comprehensive risk management. Coverages include privacy and liability, ransomware and breach response, crime, business interruption, and technology errors and omissions (E&O). Underwriters often provide incident response resources including access to privacy attorneys, coaches to help the organization recover and forensic investigative firms.
Contact HUB’s Food and Agribusiness experts for more information on AI in the food and beverage industry & best practices for risk management and cyber coverage for your food business.
1 Mordor Intelligence, Artificial Intelligence (AI) in Food & Beverages Market - Growth, Trends, COVID-19 Impact, and Forecasts (2022 - 2027), accessed March 1, 2022.
2 Food Processing, “JBS Paid Hackers $11 Million in Response to Ransomware Attack,” June 10, 2021.
3 National Public Radio, “Why Agricultural Technology Is So Susceptible To Being Hacked,” June 2, 2021.