Food production and distribution are critical entities for the Finnish security of supply. Both depend greatly on the functionality of digital systems. What happens when the digital environment of food chain is targeted with cyberattacking?
A cyberattack targeted at food production and distribution value chain can largely affect for example primary production, logistics, refrigeration devices or central warehouses. The consequences can at their worst be grievous. Delays in food delivery could cause shortage of food in the whole society such as shops, hospitals, schools, and garrisons. Breaks in cold chains would inflict great economic losses when the food supplies go bad.
"The actors’ level of preparedness for cyber threats varies a lot. Our purpose is to create common operational models to prepare for cyber threats, as well as to identify and prevent them. Cybersecurity information sharing also requires practicing", states Elina Suni, the project manager at JAMK University of Applied Sciences.
The organizations’ cybersecurity knowledge as well as their operational processes are of paramount importance in emergency situations. Perception of the situational picture and the management based on it also play a vital role.
"Managing a complex digital environment involves much more than technology. For example, the management of incidents and the communication included in it as well as understanding the critical operations of the company play an essential role. One significant way to improve the tolerance to cyberattacks is to receive accurate and timely situational information."
To reach and maintain an adequately secure cyber operation environment continuous development and maintenance of organizations’ knowledge is required. The best way to achieve this is to take part in cybersecurity exercises.
"We are expanding our cybersecurity exercise environment, that operates separated from the public Internet, and we will model the technical environment and operational processes of food production to the environment. Cyberattacks, malware and incidents can be observed and tested in a realistic operational environment during a pilot exercise organized by the project."
Many actors in the private and public sectors have become aware of the significance of food production and distribution. The project has numerous partner companies and actors tightly linked in the field: Atria Plc., Cinia Ltd., DeLaval Ltd., Elisa Corporation, Fazer Group, Kesko Corporation, Netum Ltd., Penttilän Maito Ltd., SOK Corporation, Tapiolan maitotila, Telia Cygate Ltd., Valio Ltd. as well as National Emergency Supply Agency and TRAFICOM/ National Cyber Security Centre NCSC-FI.
The recently started Food Chain Cyber Resilience project at JAMK is funded by the European Regional Development Fund, JAMK and partners listed above. The investment project (started in parallel) is funded by the European Regional Development Fund and JAMK. The total amount of the funding is €1.4 million.
Elina Suni, Project Manager of Food Chain Cyber Resilience project
+358 40 649 5054
Institute of Information Technology, JAMK University of Applied Sciences