Non-profit food and agriculture special interest group for IT-Information Sharing and Analysis Center (IT-ISAC) is becoming an analysis center to share information on the critical connected infrastructure of food delivery.

The Food and Agriculture-Information Sharing and Analysis Center (Food and Ag-ISAC) will be a “tailored forum” for food and agriculture companies to engage with security experts and analysts from industry to share cybersecurity and physical threat intelligence, alerts, analysis and mitigation practices due to the increased risk in cyber threats to cutting edge technologies that assist in planting, harvesting and shipping food.

The food and agriculture industry has a critical infrastructure that must perform as expected due to the reliance of steady food delivery by people around the world. The industry has increasingly incorporated new technologies into agriculture practices to improve the food supply chain.

The dependency on a smooth-running food and agriculture supply chain creates increased risk for disruption. Just two years ago, JBS, the world’s largest meat processing company, paid roughly $11 million in ransom to end a major cyberattack the company’s computer networks.

Your Agriculture Company (AGCO), a worldwide manufacturer and distributor of agricultural equipment and infrastructure, suffered a ransomware attack on May 5, 2022. The attack affected operations at some of its production facilities and impeded tractor sales.

The newly established ISAC is meant to help mitigate risks like these and ensure food delivery processes run smoothly.

Benefits of the Food and Ag-ISAC

Food and Ag-ISAC member companies will have day-one access to “a trusted intelligence management platform, collaboratively developed adversary attack playbooks, vendor-neutral analyses, ransomware trackers, effective security practices and regular meetings with analysts in peer companies, among other benefits.”

Sharing effective security practices and intelligence will help food and agriculture companies be proactive in detecting attacks, responding to incidents and sharing indicators to also help manage risks to their company.

The Food and Ag-ISAC is launching with mature capacity already in place to keep pace with the increasingly complex threat environment.

Global food supply chain at risk

The food and agriculture industry is not immune from utilizing emerging technologies to advance its business interests. Smart farm machinery is often used to plant and harvest crops, but there are fears that cybercriminals could exploit flaws in agriculture hardware.

A self-styled ethical hacker who spoke to BBC said he had discovered weaknesses in agricultural giant John Deere’s software, which he had reported to them. According to BBC, John Deere is already working to remediate any weak spots in its software.

“No company, including John Deere, is immune to vulnerabilities, but we are deeply committed and work tirelessly to safeguard our customers and the role they play in the global food supply chain,” said John Deere’s global CISO James Johnson.

The same hacker said that he also found vulnerabilities in software systems utilized by CNH Industrial, a company that manufactures New Holland Agriculture machinery.

Along with the UK government and United States’ FBI warning that the threat of cyberattacks is growing, a recent University of Cambridge report found that automatic crop sprayers, drones and robotic harvesters are all susceptible to hacks.

These smart technologies used in food production and harvesting make farms and factories more efficient and productive, with agricultural robots using AI to minimize human involvement. While these technologies can help fill holes in labor shortages and increase yield, they can also increase the security risk.

The interconnectedness of these technologies and any gaps in the software security posture makes bringing down just one system an issue for agriculture manufacturers. Deliveries can be halted or tractors can stop moving altogether. Both would have huge impacts on food supply chains.

Maintaining a secure supply chain

HCLTech offers a suite of holistic offerings that are integrated with Microsoft security products to enhance supply chain security for organizations both on-premises and in the cloud.

This includes HCLTech combining its CSFC Fusion platform with Microsoft’s Azure Sentinel solution to deliver “future-focused threat intelligence and security analytics services across the enterprise environment." These two solutions merging enables visibility into the threat landscape across multi-cloud or hybrid environments.

Further, the offering effectively manages IT security through monitoring, threat identification, timely incident alerts and response recommendations and support.

Supply chain security will remain a need for industries that face their own unique challenges in securing assets, including food and agriculture, retail, energy, healthcare and manufacturing industries. As a service provider, HCLTech continues to develop new, holistic solutions to address supply chain needs.