This week saw the formation of the Food and Agriculture Information Sharing and Analysis Center (Food and Ag-ISAC) which is of noteworthy importance due to the fact that the food and agriculture industry was the only U.S. critical infrastructure without a threat Information Sharing and Analysis Center (ISAC) - a formal mechanism for sharing cyberthreat information.
Cyber experts had warned that the food industry's failure to create its own version of an information-sharing and analysis center would leave companies vulnerable to attack. Supporters of the ISAC, which includes founding board members from Bunge, Cargill, PepsiCo and Tyson Foods, expect the organization to fortify the defenses of its members.
The Food and Ag-ISAC will serve as a tailored forum for food and agriculture companies to engage with leading security experts and analysts from industry peers to share cyber and physical threat intelligence, alerts, analysis, and mitigation practices.
Nation states have increasingly targeted U.S. critical infrastructure. Food and agriculture are part of their hybrid warfare campaign: to degrade and destroy systems capabilities; gather intelligence that can be later used to challenge the U.S. militarily and economically; and create conditions under which U.S. citizens lose confidence in their government's ability to provide for their safety and well-being.
The Food Safety Sector Coming Under Increasing Attack
In addition, the food safety sector is coming under increasing attack by threat actors who are trying to compromise data integrity--the ability to keep data unchanged as it is communicated or stored, which could lead to consumer distrust of products grown or produced domestically.
The food and agriculture sector is one of the most critical infrastructures because people depend on the reliable delivery of food. The sector increasingly integrates new technology to feed the nation and the world, bringing important benefits for Americans' everyday lives. This interdependency also has the potential to increase risk, as demonstrated by the two-year anniversary of a ransomware attack on meat processing company JBS S.A., when the world's largest meat processing company paid $11m in ransom to put an end to the cyber-attack, which has heightened awareness about the need for an Information Sharing and Analysis Center (ISAC) dedicated to this industry.
Paul Hershberger of Cargill, a Board Member of the IT-ISAC and a Founding Board Member of the Food and Ag-ISAC said “The food and agriculture sector relies on information technology to feed the world, from precision farming to supply chain management and modern production processing, transportation and logistics,” “Maintaining a close relationship between the Food and Ag ISAC and the IT-ISAC enables critical collaboration between the food, agriculture and technology industries to manage cybersecurity risk across the value chain.”
As stated on the ISAC website “The Food and Ag-ISAC provides threat intelligence, analysis, and effective security practices that help food and agriculture companies detect attacks, respond to incidents, and share indicators so they can better protect themselves and manage risks to their companies and the sector.”
ISAC will provide for its members adversary attack playbooks, incident response updates and provide access to an intelligence management platform.
