You don’t want to miss this week’s episode of the 2021 Food Safety Consortium Virtual Conference Series. The session, Food Defense: Yesterday, Today and Tomorrow, will discuss pre-FSMA IA Rule voluntary food defense programs, compliance timelines, and regulatory compliance vs. enterprise risk based approaches to food defense. Presenters will address the status of Food Defense plan quick checks and share insights on Food Defense Plan reanalysis. Participants will gain insights on threat intelligence sources and food defense-based research updates. Other topics to be covered include a brief overview of recently released insider risk mitigation reference material, cyber/IT “vulnerabilities”, critical infrastructure protection and how an all-hazards mindset to “all of the above” can help to contribute to a Food Protection Culture.
The following is the line up of speakers for Thursday’s episode, which begins at 12 pm ET.
Jason Bashura, PepsiCo (moderator)
Food Defense Yesterday with Raquel Maymir, General Mills
FBI HQ Perspectives of Food Defense with Helen S. Lawrence and Scott Mahloch, FBI
Food Defense Tomorrow with Frank Pisciotta, ASIS Food Defense & Ag Security Community and Cathy Baillie, Mars, Inc.
Risk-based Food Defense with Jessica Cox, Department of Homeland Security, Chemical Security Analysis Center
Food Defense & Supply Chain Perspectives: Regional Resilience Action Plan with Jose Dossantos, Department of Homeland Security/CISA
The Fall program runs every Thursday from October 7 through November 4. Haven’t registered? Follow this link to the 2021 Food Safety Consortium Virtual Conference Series, which provides access to all the episodes featuring critical industry insights from leading subject matter experts!
Today the National Counterintelligence and Security Center (NCSC) and the Department of Defense’s Center for Development of Security Excellence (CDSE) published a risk mitigation guide to help organizations in the food industry understand insider risks, establish insider risk programs, and develop mitigation strategies. The “Insider Risk Mitigation Programs: Food and Agriculture Sector Implementation Guide” was developed in collaboration with federal partners and stakeholders, including the FDA.
The Fall edition of the 2021 Food Safety Consortium Virtual Conference Series will feature an episode on Food Defense Strategies | Register Now“Organizations in the food and agriculture sector play a critical role in protecting public health and safety, as well as U.S. economic and national security,” said NCSC Acting Director Michael Orlando in an NCSC press release. “This guidance is designed to help these entities create effective programs to deter, detect, and mitigate potential insider threats before they can cause harm.”
The guide includes links to federal resources in food and agriculture, and case studies concerning food adulteration, IP theft and active shooter incidents that were carried about by insiders. Any organization can be exposed by an insider threat, which is a person who has authorized access and uses it to commit harm to the organization. “Those with authorized access to facilities, personnel, or information can include employees, vendors, partners, suppliers, or others,” according to NCSC. “Most insider threats exhibit risky behavior prior to committing negative workplace events. If identified early, many insider threats can be mitigated before harm to the organization occurs.”
Insider threats can target food organizations through food adulteration, food fraud, theft and workplace violence.
The recent cyberattack that shut down meat supplier JBS should be a wakeup call to the food industry. These attacks are on the rise across industries, and food operations both large and small need to be prepared. In a Q&A with Food Safety Tech, Brent Johnson, partner at Holland & Hart, breaks down key areas of vulnerability and how companies in the food industry can take proactive steps to protect their operations and ultimately, the consumer.
Food Safety Tech: Given the recent cyberattack on JBS, how vulnerable are U.S. food companies, in general, to this type of attack? How prepared are companies right now?
Brent Johnson: Food companies are in the same boat as other manufacturers. Cyber threats are constantly evolving and hackers are developing increasingly sophisticated delivery systems for ransomware. Food companies are obviously focused on making and delivering safe and compliant products and getting paid for them. Cybersecurity is important, but it’s difficult for manufacturers to devote the resources necessary to make their systems bulletproof when it’s an ancillary part of their overall operations and a cost driver. Unfortunately, hackers only have one job.
We tend to think of big tech and financial services companies as the prime targets for ransomware attacks because of the critical nature of their technology and data, but food companies are really no different. Plus, unlike tech companies and the financial services industry, food companies haven’t, as a general matter, developed the robust defenses necessary to thwart attacks, so they’re easier targets.
Food Safety Tech: What is the overall impact of a cyberattack on a food company, from both a business as well as a consumer safety perspective?
Johnson: It may come as a bit of a surprise to those who don’t work in the food industry, but food production (from slaughterhouses to finished products) is highly automated and data driven. That’s one of the lessons of the JBS ransomware attack. The attack shut down meat processing facilities across the United States and elsewhere. I work in Utah and the JBS Beef Plant in Hyrum was temporarily shut down. JBS cancelled two shifts at its meatpacking operation in Greeley, Colorado where my firm has a large presence as well, because of the ransomware attack. So, the impact on a food company’s business from a successful ransomware attack is dramatic.
On the consumer safety side, a ransomware attack that impacts automated safety systems would cause significant problems for a food manufacturer. Software controls much of the food industry’s safety systems—from sanitation (equipment washdowns and predictive maintenance) to traceability (possible pathogen contamination and recalls) to ingredient monitoring (including allergen detection). Every part of a food company’s production system is traced, tracked, and verified electronically. A ransomware attack on a food maker would very likely compromise the company’s ability to produce safe products.
Food Safety Tech:What proactive steps should food companies be taking to protect themselves against a cyberattack?
Johnson: I wish there was an easy and foolproof system for food companies to implement to protect against cyber attacks, but there isn’t. The threats are always changing. The Biden Administration’s recent memorandum to corporate executives and business leaders on strengthening cyber defenses is a good starting point, however. The White House’s Deputy National Security Adviser for Cyber and Emerging Tech, Anne Neuberger, reiterated the following “Five Best Practices” from President Biden’s executive order. These practices are multifactor authentication, endpoint detection and response, aggressive monitoring for malicious activities on the company’s networks and blocking them, data encryption, and the creation of a skilled cyber security team with the ability to train employees, detect threats and patch system vulnerabilities.
Food Safety Tech: Are there specific companies within the food industry that are especially susceptible?
Johnson: Not really. Hackers are opportunistic and look for the paths of least resistance. That said, as can be seen from the recent Colonial Pipeline and JBS ransomware attacks, hackers have transitioned from the early days of going after individuals and small businesses to whale hunting. The money is better.
It’s important to observe that the recent attacks have been directed at industries that present national infrastructure concerns (oil, the food supply). There’s no evidence of any involvement by a foreign government in these attacks, but it’s a fair question as to whether the hackers, themselves, expect that the federal government will step in at some point to assist the victims of cyber attacks financially due to their critical importance.
Food Safety Tech:Where do you see the issue of cybersecurity and cyberattacks related to the food industry headed in the future?
Johnson: Other than the certainty that the attacks will increase in both intensity and sophistication, I have no prediction. It’s not a time for complacency.
On Sunday Brazil-based JBS was targeted by a cyberattack that forced the shutdown of its facilities in Arizona, Colorado, Michigan, Nebraska, Pennsylvania, Texas, Utah and Wisconsin. The ransomware attack affected servers that support the company’s IT systems in North America and Australia. It is suspected to have originated from an organization based in Russia, according to reports.
It is expected that most of the company’s beef, pork, poultry and prepared food plants will be operational today, JBS said in a statement last night. Thus far the company is unaware of any customer, supplier or employee data that has been compromised.
Cyberattacks coming from Russia have increased at a significant rate and are likely to continue. “The fact that this kind of activity is happening with a relatively high frequency and also all signs sort of leading back to Russia, that is very disturbing,” said Javed Ali, a former National Security Council director of counterterrorism, in an ABC News report. “I don’t think we’ve seen a period of this kind of high-intensity cyber operations from Russian soil directed against a variety of different U.S. targets arguably ever, unless the government has been tracking this and the public details of those types of operations haven’t been revealed before.”
Over the past 9 years, the Food Safety Consortium Conference & Expo has built a reputation for delivering perspectives and insights from the most knowledgeable and influential experts in food safety. As a result of the COVID-19 pandemic, last year’s event was converted from an in-person event into a 14-week series of virtual themed-episodes during the fall. Continuing the momentum from 2020, the 2021 Food Safety Consortium Virtual Conference Series will take place as a four-week Spring and five-week Fall program. Both the Spring and Fall programs will feature critical thinking topics that are for industry veterans and knowledgeable newcomers.
“As you know, the online experience is very different than in-person, so last year we deconstructed our in-person program and re-engineered it for virtual. Instead of having a virtual conference for three straight days, we set up our program in short 2.5-hour themed episodes that ran every Thursday in the fall. We received great feedback from attendees, speakers and sponsors. I think we were one of the few conferences that successfully pulled off the pivot to virtual,” says Rick Biros, president of Innovative Publishing and director of the Food Safety Consortium.
Building on the strong success of the 2020 Food Safety Virtual Conference Series, the 2021 Consortium will be presented into two seasonal programs. “This will allow us to continue the conversation throughout the year, while also taking into consideration the busy lives of food safety professionals,” Biros adds.
Food Safety Tech is the media sponsor and will feature exclusive content from the event.
The Spring Program will run every Thursday in May, with each episode starting at 12 pm ET. The weekly episodes will tackle a range of critical topics in foods safety, including FSMA and traceability, food protection strategies, COVID-19’s lasting impact on the food industry by segment, audits and supply chain management. Frank Yiannas, FDA deputy commissioner for food policy and response, is the confirmed keynote speaker for Thursday, May 6.
The Fall Program will run every Thursday beginning on October 7 at 12 pm ET through November 4. Episode topics include food safety hazards (emerging threats and new technologies), food defense strategies, an FDA update, and personal development, training and mentorship.
Companies that are interested in sponsoring a 10-minute technical presentation during the series can contact Sales Director RJ Palermo for more details.
About Food Safety Tech
Food Safety Tech is a digital media community for food industry professionals interested in food safety and quality. We inform, educate and connect food manufacturers and processors, retail & food service, food laboratories, growers, suppliers and vendors, and regulatory agencies with original, in-depth features and reports, curated industry news and user-contributed content, and live and virtual events that offer knowledge, perspectives, strategies and resources to facilitate an environment that fosters safer food for consumers.
Since 2012, Food Safety Tech audiences have learned to respect and expect our high-quality content—via FoodSafetyTech.com, our weekly newsletter and by attending our educational programs. Food Safety Tech keeps professionals current with the latest information about technology, best practices and regulations, and how innovative solutions and approaches can be leveraged to further advance food safety across the globe.
About the Food Safety Consortium Conference
The Food Safety Consortium is an educational and networking event for Food Protection that has food safety, food integrity and food defense as the foundation of the educational content of the program. With a unique focus on science, technology and compliance, the “Consortium” enables attendees to engage in sessions that are critical for advancing careers and organizations alike. Over the past 9 years the Food Safety Consortium has built a reputation for delivering the most knowledgeable and influential perspectives in food safety. The speaker line-up has driven key food safety decision-makers to the event (both in-person and virtually)—facilitating an environment for vendors, suppliers, food industry professionals, and consultants to network and build long-lasting business relationships.
Due to COVID-19, the 2020 Food Safety Consortium was converted to a virtual conference series that featured specific topics in a weekly episode series. The 2021 Food Safety Consortium Virtual Conference Series will feature a Spring and Fall program, running in May and October, respectively.
Current events and external threats to food and agriculture
Case studies and lessons learned in food defense
Insider threat mitigation
Resources for food and beverage manufacturers
Featured speakers include Jason Bashura, PepsiCo (session moderator); April Bishop, Treehouse Foods; Ben Miller, The Acheson Group; Frank Pisciotta, BPS, Inc.; Joel Martin, Cargill; James Nasella, Tate & Lyle; Scott Mahloch, Cassandra Carter, and Kevin Spradlin, FBI; Rob Odell – National Insider Threat Task Force; Sarah Miller – Carnegie Mellon/CERT; Rebecca Morgan, Center for the Development of Security Excellence
The event begins at 12 pm ET on Thursday, November 12. Haven’t registered? Follow this link to the 2020 Food Safety Consortium Virtual Conference Series, which provides access to 14 episodes of critical industry insights from leading subject matter experts! We look forward to your joining us virtually.
Yesterday marked the beginning of the 2020 Food Safety Consortium Virtual Conference Series. Episode 1 featured Food Defense Foundational Planning Elements: Strategies, Insights and Best Practices. Led by Jason Bashura, senior manager, global defense at PepsiCo, food defense experts from manufacturing, retail and the government shared different perspectives on the FSMA Intentional Adulteration rule; how to develop a food defense plan; the key role that food safety culture plays in food defense; education and training; and establishing awareness of and combating various threats to the food supply, including the insider threat.
Especially eye-opening was the information presented by Robert Norton, Ph.D. of Auburn University about the threats against the food supply (a “target-rich environment”) and the range of adversaries and their motivation for disrupting the food supply.
With significant clusters of COVID-19 infection among employees—16,000 cases and 86 deaths documented by the CDC through May 2020 — the food processing and distribution industry faces significant challenges in reopening their facilities and ramping up to full capacity. Technology for health and safety access governance and intelligence, along with guidelines from the CDC and OSHA, can help support food companies in the automation of certain compliance activities and a safe return-to-work strategy.
Designated part of the essential critical infrastructure by the federal government at the onset of the pandemic in the spring of 2020, the food supply chain needs active solutions to protect its workforce. But there’s more to this back-to-work transition. Workers need to feel safe and trust that new security, safety and compliance processes have their best interests in mind—transferring to an overall positive experience with their employer.
In the age of contagion, the food industry requires ways to communicate better with the workforce, identify and isolate areas of contagion and also deal with the lingering presence of potential bioterrorism, insider threat and cyber-attack. It’s a multi-faceted and complex workspace we’re reentering, one that takes coordination of technology, people and processes. Without it, food suppliers risk plant shutdowns and loss of business continuity.
Bioterrorism and insider threat remain an active part of the supply chain landscape. In fact, according to a June 2020 Wall Street Journal Pro Research Survey of cybersecurity executives at nearly 400 companies, 67% were concerned about malicious insiders. Remote workers and lax controls have exacerbated the situation and rising threats include malicious employees, accidental negligence, contractor or vendor misuse and account compromise.
The Landscape of Collaboration
The ongoing coordination between human resources (HR) and security is a collaborative effort that bolsters food defense in a COVID-19 world. Fueled by digital transformation, converged physical security and HR management solutions are wound together tightly in a coordinated and analytical approach to keep food industry employees safe and operations running smoothly.
These departments, once siloed and co-existing without direct interaction, are benefiting from software’s move to the cloud and open operating platforms, which provides increased opportunity for real-time integration of HR, security and facilities technologies. Moving to a converged approach across all departments, including HR, IT/cyber and operational technology (OT)/SCADA—can effectively secure our most critical food production and distribution resources while actively enforcing compliance and company policies, including COVID-19 mandates. In addition, physical security access governance, in a holistic manner, protects food industry workers and processes from compromised identities, systems and insider threats.
HR and physical security now have the ability to share data-insights to prevent, detect and mitigate the spread of contagions. With this convergence, organizations have the information they need to actively defend and protect the workforce, focusing on the human side of security to yield a positive experience.
Enabling a Safe and Healthy Return to Work
This time of unprecedented change has triggered a tectonic shift in the way organizations have been dealing with the health, security and safety of their workforce. Sensing a coming tsunami, HR, corporate real estate and physical security leaders are realizing that they must stop operating in silos and embrace a holistic approach. Enterprise response and recovery plans have become a major catalyst for converged security, as it has proven to be the most effective way to manage workspace access, enforce workforce security, safety and privacy.
Reopening with Technology at Your Back
Physical identity access management (PIAM) software, including visitor identity management (VIM) are convergence platforms that deliver identity and access governance, health and safety intelligence and compliance validation across the enterprise. PIAM provides a safer work environment by managing physical, logical and operational technology access for employees and visitors, actively enforcing company policies, compliance and industry regulations with built-in best practices and regulatory controls. Automated policy-driven background checks yield real-time vetting of visitors, contractors and employees while validating and identifying any policy violations. PIAM and VIM keeps facilities and workers safe, making sure the employees and visitors only have access to the areas, data and assets they need, including vital food processing areas where deliberate sabotage needs to be kept at bay.
While prevention of bioterrorism and insider threat is ongoing at food distribution, production and processing facilities there’s been a notable shift during the pandemic that focuses on the health and safety of workers. Security is no longer simply about keeping the bad guys out; it’s about safety and protecting workers from unsafe behavior.
Workforce health and safety access governance software solutions help organizations open safely in a frictionless, controlled and secure way by automating and enforcing COVID-19 related policies and procedures. Automated batch email/text notifications with self-service links send requests to the remote workforce for self-attestation and self-reporting offsite and enable access by the worker to the facility based on health, travel and other company policies.
Here’s how it works: An employee completes the self-reporting health and travel questionnaire through a mobile app, which triggers automated workflows based on those answers. These health questionnaires collect data and document employee activity during lockdown, including infection, symptoms or exposure. The employee’s self-attestation request comes to the manager for action, and based on answers the worker is considered high risk and per policy their access to the facility is revoked for 14 days while they are in quarantine. A similar self-attestation and workflow then applies to reinstatement for the employee. This reporting and workflow can be configured specifically to the facility. Enterprises can further customize their visitor identity management to provide clear communication of current policies during the outbreak, reinforcing WHO best practices.
Focus on Health and Safety
Health and safety access governance and intelligence provides prescreening support of workforce site entry with automated policy enforcements. Pre-registered and onsite visitors/contractors check-in/check-out with prescreening, watch list and other checks prior to access. In the production or distribution facility, health and safety analytics track confirmed or potentially exposed COVID-19 workers, identify exposed areas for lockdown and/or sanitization, social distancing violation, location heat map and other actionable health & safety analytics.
PIAM also allows you to automate your communications and deliver clear expectations and procedures to your workforce, visitors and contractors pre-visit and onsite—adding to a seamless experience.
Security convergence delivers a comprehensive, holistic solution across the entire food value chain, from sourcing to production to retail distribution. Human resources and physical security have teamed up—yielding real-time data that can prevent, detect and mitigate the spread of contagions. With this convergence comes greater situational awareness that defends and protects the workforce, with a strong focus on safety and building trust between worker and employer.
The event will begin every Thursday at 12 pm ET, beginning on September 3 and continue through December 17. Each week will feature three educational presentations, two Tech Talks, and a panel discussion. Weekly episodes include food defense, food labs, pest management, sanitation, food fraud, listeria detection, mitigation & control, professional development, women in food safety, supply chain management, COVID-19’s impact and food safety culture.
Frank Yiannas, FDA deputy commissioner for food policy and response, will serve as the keynote speaker on Thursday, October 1 at 12 pm ET.
“Human connection is so important for events, and we know we’re not the only game in town. That’s why we’ve invested in a Conference Virtual Platform that can facilitate discussions, discovery, and connection that can continue whether our event is offline or online—and not end with the live streaming,” says Rick Biros, president of Innovative Publishing and director of the Food Safety Consortium. “Simply, the experience other food safety conferences are offering is not conducive to learning, staying engaged or take into consideration that you have a job to do during that week. This is why we have designed the Consortium’s program with short, manageable episodes that are highly educational.”
Companies that are interested in sponsoring a 10-minute technical presentation during the series can also submit their abstract through the portal. For pricing information, contact IPC Sales Director RJ Palermo.
Food Safety Tech publishes news, technology, trends, regulations, and expert opinions on food safety, food quality, food business and food sustainability. We also offer educational, career advancement and networking opportunities to the global food industry. This information exchange is facilitated through ePublishing, digital and live events.
About the Food Safety Consortium Conference and Expo (The live event)
Food companies are concerned about protecting their customers, their brands and their own company’s financial bottom line. The term “Food Protection” requires a company-wide culture that incorporates food safety, food integrity and food defense into the company’s Food Protection strategy.
The Food Safety Consortium is an educational and networking event for Food Protection that has food safety, food integrity and food defense as the foundation of the educational content of the program. With a unique focus on science, technology and compliance, the “Consortium” enables attendees to engage in conversations that are critical for advancing careers and organizations alike. Delegates visit with exhibitors to learn about cutting-edge solutions, explore three high-level educational tracks for learning valuable industry trends, and network with industry executives to find solutions to improve quality, efficiency and cost effectiveness in the evolving food industry.
Strictly Necessary Cookies
Strictly Necessary Cookies should be enabled at all times so that we can save your preferences for these cookie settings.
We use tracking pixels that set your arrival time at our website, this is used as part of our anti-spam and security measures. Disabling this tracking pixel would disable some of our security measures, and is therefore considered necessary for the safe operation of the website. This tracking pixel is cleared from your system when you delete files in your history.
If you visit and/or use the FST Training Calendar, cookies are used to store your search terms, and keep track of which records you have seen already. Without these cookies, the Training Calendar would not work.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.
A browser cookie is a small piece of data that is stored on your device to help websites and mobile apps remember things about you. Other technologies, including Web storage and identifiers associated with your device, may be used for similar purposes. In this policy, we say “cookies” to discuss all of these technologies.
Data generated from cookies and other behavioral tracking technology is not made available to any outside parties, and is only used in the aggregate to make editorial decisions for the websites. Most browsers are initially set up to accept cookies, but you can reset your browser to refuse all cookies or to indicate when a cookie is being sent by visiting this Cookies Policy page. If your cookies are disabled in the browser, neither the tracking cookie nor the preference cookie is set, and you are in effect opted-out.
In other cases, our advertisers request to use third-party tracking to verify our ad delivery, or to remarket their products and/or services to you on other websites. You may opt-out of these tracking pixels by adjusting the Do Not Track settings in your browser, or by visiting the Network Advertising Initiative Opt Out page.
You have control over whether, how, and when cookies and other tracking technologies are installed on your devices. Although each browser is different, most browsers enable their users to access and edit their cookie preferences in their browser settings. The rejection or disabling of some cookies may impact certain features of the site or to cause some of the website’s services not to function properly.
The use of online tracking mechanisms by third parties is subject to those third parties’ own privacy policies, and not this Policy. If you prefer to prevent third parties from setting and accessing cookies on your computer, you may set your browser to block all cookies. Additionally, you may remove yourself from the targeted advertising of companies within the Network Advertising Initiative by opting out here, or of companies participating in the Digital Advertising Alliance program by opting out here.