Why Zero Trust is the Best Defence for our Digital Food Supply Chain

Written by

While the ways our supermarkets have embraced technology during the pandemic have been well documented, the food supply chain has been quietly looking at ways to embrace digitalization to deliver better quality food and decrease food waste. However, increased use of digital solutions comes with new challenges for the cold chain, primarily the need to keep infrastructure and data safe from cyber-criminals. So, as the world’s food industry moves into the digital era, what security risks does it face, and how can they mitigate those risks to stay as secure as possible?

The Importance of Protecting Vital Cold Chain Information

The cold chain has historically been cautious in its uptake of modern technologies due to a perceived prohibitive upfront cost and concern over the impact to trading and infrastructure. However, slowly but surely, organizations across the cold chain are adopting digital technology as the benefits of more efficient logistics and procurement, both in terms of cost savings and mitigating food waste, become increasingly overwhelming alongside the additional advancements in solutions that are less invasive with minimum upfront cost.

With a renewed focus on supply chain efficiency during the pandemic, the monitoring and controlling of the cold chain has become increasingly reliant on raw real-time data and automation. However, whereas the cold chain has historically faced physical challenges such as supply routes being cut off or bad harvests, the rise of the digital cold chain will bring a new threat: cybercrime.

Poorly configured devices, networks and open entry points allow cyber-criminals and hostile nations to cause real and meaningful damage to our food supply chain. From causing food to spoil by storage temperature interference to causing a blackout for supply chain managers by bringing entire systems down, poor cybersecurity within the cold chain leaves the system vulnerable and, therefore, the consumer.

That’s why a zero trust approach is critical.

Zero Trust and Minimum Standards

There are several standards that technology vendors within the cold chain should adhere to at a minimum to improve defenses and mitigate risk. These include encrypting filesystems as default, ensuring all data is transported using TLS 1.2 at the very least and enforcing complex password standards combined with secondary factors of authentication such as Google Authenticator, SMS or Client Certificates.

Aside from these practical steps, the cold chain also needs to agree to a minimum set of cybersecurity standards. This serves two purposes: it allows supermarkets to be assured that their supply chain partners are safe to work with and less prone to cybercrime incidents. It also will enable organizations across the cold chain to follow an industry-standard best practice, which will ultimately protect our food supply chain as a whole.

Emergency levers can also be pulled when these minimum security standards are not met. For example, the food retail sector and supply chain can protect critical data by using devices like an edge gateway, which can encapsulate customer data with secure data transformational services when configured correctly. This acts as a ring-fence around critical data and provides constant protection of collected data and information.

Customer Trust

An additional consideration of bolstering cybersecurity in the food retail sector is the importance of securing consumer data. While protecting our cold chain from disruption is critical for the food retail sector, ensuring customers can trust supermarkets with their own data should not be underestimated as an essential consideration.

From home address and bank details to consumer behavior that could be sold to third parties illicitly, the food retail industry has a duty to protect personal information and its own critical infrastructure. Rules around GDPR and other data protection legislation form a vital part of the protection of consumer details. Still, organizations in a sector as crucial as food retail should be aiming for much higher standards. Again, a zero trust approach to cybersecurity ensures consumers can trust that their information is secure while engendering a culture of good practice when it comes to mitigating cybercrime.

As our cold chain and food retail sector become more reliant on digital technology, they become more exposed to modern security threats. Cyber-criminals and hostile nations can exploit vulnerabilities to cripple our food supply chain, and so the sector must get its cybersecurity provisions in order. A zero trust, best-practice approach is key to protecting critical food supply infrastructure and ensuring our supermarkets, their suppliers and the consumer can enter the digital age with absolute confidence.

What’s hot on Infosecurity Magazine?