Securing the Food and Agriculture (FA) industry, a critical piece of the United States critical infrastructure, is a big challenge. Not only does this sector require securing the physical safety of processing, manufacturing and growing facilities, it also includes protecting the cybersecurity of these locations. Many farms, especially large operations, have increased their technology use, with networks and automated processes. With large open and often isolated farms, as well as orchards and wineries that embrace public tours, hackers can both physically attach malicious devices to the network and launch cyberattacks.
As today’s farming, manufacturing and processing facilities increasingly incorporate IT and internet connectivity throughout the supply chain, cybersecurity now plays a pivotal role in securing the FA segment of US critical infrastructure. Almost entirely under private ownership, there are more than 200,000 registered food manufacturing, processing and storage facilities, with the FA sector accounting for roughly one-fifth of US economic activity. Securing these networks, endpoints and facilities, which are rapidly adopting unsecured IoT automation technology, is crucial to the US food supply and economy.
The Increasing Risks from IoT and ICS
FA manufacturers and processors not only need to employ traditional network security practices to secure the network, but also secure the network from the new threats that are NOT covered by traditional firewall and intrusion detection systems. As IoT integration rapidly expands into the manufacturing industry and connectivity becomes an important part of planning the supply chain, cybersecurity threats continue to expand in the FA manufacturing segment.
Built for autonomous machine-to-machine connection, IoT devices change how organizations collect data, automate services and structure interdependent systems. Since most IoT devices have little or no inherent security, they present an easy target for cyber attackers. This network security gap is common knowledge and particularly concerning for critical infrastructure organizations and the U.S. government. “The growing dependency on network-connected technologies is outpacing the means to secure them,” Jeh Johnson, secretary of Homeland Security, said. “Securing the Internet of Things has become a matter of homeland security.”
But the risk to FA manufacturing and processing facilities does not end with IoT. As the facilities become increasingly connected to the internet, many traditional Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems that are already in most manufacturing and processing facilities are now vulnerable. These systems were originally designed to be secured through their obscurity – they were buried deep in the network. Now that almost every network segment is connected and internet enabled, these ICS and SCADA systems frequently lack inherent security and can now be vulnerable endpoints. While new ICS and SCADA systems are now designed for enhanced connectivity and remote access, organizations need to ensure the security of both legacy and new equipment.
The FA Cybersecurity Framework
As cybersecurity threats continue to increase, FA organizations need to continuously adapt to secure the network from these threats. In the broad overview, the FA sector-specific critical infrastructure plan emphasizes that organizations should:
While there are many government committees and subcommittees that are responsible for working with FA critical infrastructure organizations and defining sector-specific goals, the cybersecurity policies and procedures are all based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework. While this blog will highlight the main points, for a detailed overview of the NIST framework, please view our blog, How to Align Enterprise Network Security with The National Institute of Standards and Technology Cybersecurity Framework. The NIST framework is based upon five key points:
As you can see, this is a very broad framework that seeks to convey the basic best practices for network and cybersecurity in simple terms. Organizations should use this framework to build a solution.
How Fortinet & Bradford Networks help secure your network and comply with NIST recommendations
The combined technology of Fortinet and Bradford Networks, a Fortinet company, delivers powerful enterprise network security. The combined technologies extend the Fortinet Security Fabric to provide complete control, integration and easy management of security across the organization. From Fortinet’s powerful firewall and traditional network security, to securing IoT or the cloud, the new combined Network Sentry and Fortinet Security Fabric helps critical infrastructure organizations satisfy many of the NIST cybersecurity requirements.
Identify: The identification capabilities of these combined technologies are truly foundational for the NIST Cybersecurity “Identify” category. It provides visibility into all devices on the network, allowing organizations to inventory endpoints, control user and device access, and mitigate overall risk. This is crucial with the increasing risks to FA manufacturing and processing plants due to IoT, ICS and SCADA connectivity. Network Sentry also aids in NIST compliance with visibility controls by seamlessly populating any Configuration Management Database (CMDB) with up-to-date information on all endpoints and devices on your network.
Protect and Detect: These combined security technologies enable organizations to control network access for every endpoint device connected to their networks, regardless of the device, user, or location. It provides unified threat management that protects the network with powerful firewalls, antivirus, VPN services and much more, while also controlling access and serving as a compensating control for user devices and headless devices (such as IoT, many ICS and SCADA).
Respond and Recover: Network Sentry has automated threat response capabilities for comprehensive security automation and orchestration. It integrates with almost all security solutions to enhance the fidelity of alerts and increase the accuracy of event triage. By cutting through the noise and effectively triaging the alerts, it enables quick, effective responses to potential threats, and contains them if needed, in real time.
To learn more about how these solutions work within the NIST Cybersecurity Framework to enable faster, more effective responses to threats, read our whitepaper on Reducing the Critical Time from Incident Detection to Containment or download our Network Sentry and NIST use case.