Is your produce business prepared for a cybersecurity attack?

ProduceSupply.org has released the first revision to its best practices for produce suppliers.
ProduceSupply.org has released the first revision to its best practices for produce suppliers.
(Photo: Adobe Stock)

In response to what it says is a “significant increase in the frequency of ransomware and other cyberattacks,” ProduceSupply.Org, a consortium of North American produce suppliers working together on technology initiatives in fresh produce, has released the first revision of the PSO Cybersecurity Best Practices for Produce Suppliers to provide produce companies with a framework to defend and protect themselves from cyberattack. 

“There have been high-profile, invisible cyberattacks on members of the agricultural community in just the last five or six months and as recently as April, [which prompted] the FBI to put out their cybersecurity advisory for the agricultural sector,” Eric Regnier, information and technology security manager at ZAG Technical Services, told The Packer. 

Cyber criminals are specifically targeting agricultural companies when they're at their most vulnerable or most operationally sensitive, like when they're trying to get crop out of the ground, added Regnier. This timing improves the cyberattacker’s ability to extract a ransomware payment.

The growing threats prompted the PSO to form the PSO Cybersecurity Council in December 2021. The council is comprised of 16 information technology professionals from 10 produce companies, including Calavo Growers, Duda, Foxy Produce (The Nunes Company), Grimmway Farms, L&M Companies, Oppy, and Tanimura & Antle. ZAG Technical Services, a provider of information technology for Western agribusinesses, donated its technical expertise to the initiative as subject matter experts. 

“As a commodity-based industry, PSO members are reliant on each other and our ancillary suppliers to deliver fresh, perishable produce into the supply chain on a 24/7 basis — and cyberattacks can thwart those efforts,” said Johnny McGuire, chairman of the PSO Cybersecurity Council and IT director for The Nunes Company, in a statement. “The PSO wanted to introduce some actionable best practices that suppliers can take back to their IT departments and implement immediately.”  

Based on the National Institute of Standards and Technology Cybersecurity Framework and tailored to meet the specific demands of the fresh produce industry, the guidelines are broken down into three tiers — high, middle and low — and meant to provide actionable guidance to improve cybersecurity defenses for companies of all sizes. Companies can determine what their tier is with the implementation tier calculator.

“Thinking about security is quite daunting for any organization, and particularly for resource-constrained organizations,” said Regnier. “It’s easy to get paralyzed in the process, and it can become so overwhelming that it's hard to understand where to even begin.

“What we endeavor to do with these standards is to take the NIST cybersecurity framework, which is a globally recognized standard for cybersecurity, and develop a roadmap for the implementation of cybersecurity standards and best practices that are sized to the organization to make it achievable and easily understandable,” added Regnier.

Small companies are targets, too

Everyone with a presence on the internet is at risk, said Regnier, including smaller companies that think they’re flying under the radar due to their size. “Oftentimes, cyber criminals are actively looking for ways to get into small companies every bit as much as larger ones,” he added.

The PSO is offering these standards, which are free and open to all, with the goal that anyone who needs or wants them can access them. The consortium hopes that, by creating a forum for transparency and the sharing of best practices, the produce industry can better protect itself.

“We hope that people will go to our website, download our standards and start talking about them internally,” McGuire told The Packer. “A lot of this starts with management. They have to buy into it, and we certainly see a lot of analogies between preparing for a cyberattack and with what happened with food safety in the Salinas Valley in 2006.”

Seeking to be a resource across the industry and its organizations, the PSO formed the Cybersecurity Council and established cybersecurity standards to be openly shared for the benefit of all.

“There’s nothing more important than protecting the nation’s food supply,” said Erik Larsen, chief operating officer of PSO. “These standards provide a framework for building safeguards across the industry we care so much about.”

 

Tags

Data Security
 

Latest News

Packer Tech
Where will artificial intelligence take the produce industry?
Where will artificial intelligence take the produce industry?

From yield forecasting to plant and weed identification, experts say the future is endless for the integration of artificial intelligence.

Christina Herrick
Industry
Florida Tomato Exchange responds to Mexican tomato exporter lawsuit
Florida Tomato Exchange responds to Mexican tomato exporter lawsuit

The organization that represents Florida tomato growers says the tomato suspension agreements are ineffective and that dumping still continues.

The Packer Staff
Produce Crops
Mango market continues to expand
Mango market continues to expand

Despite supply challenges, the mango market continues to grow, says Dan Spellman, director of marketing for the National Mango Board.

Tom Karst
Industry
What lies ahead for U.S.-Mexico tomato agreement?
What lies ahead for U.S.-Mexico tomato agreement?

It’s no surprise that the education session on the tomato suspension agreement at this year's Viva Fresh Expo was a packed house, given the extensive discussion recently over its future.

Christina Herrick
Food Safety
Clean Works disinfects produce with waterless food safety technology
Clean Works disinfects produce with waterless food safety technology

The company says its process uses vaporized hydrogen peroxide, ozone and ultraviolet light to eliminate up to 99.99% of pathogens, addressing global food safety challenges across industries.

Aaron Gonzalez
Retail
Grubhub expands marketplace with Mercato partnership
Grubhub expands marketplace with Mercato partnership

The move will expand the Grubhub Marketplace to include over 950 independent grocery stores nationwide.

Aaron Gonzalez
View More