During a recent Food Institute webinar, experts from RSM US LLP and HUB International Northeast outlined the cybersecurity risks facing food companies and the steps leaders can take to improve resilience against ransomware, business email compromise, and AI-driven attacks.
Food companies face a growing cybersecurity challenge as ransomware attacks, AI-powered phishing scams, and increasingly connected supply chains create new vulnerabilities across the industry.
Cybersecurity experts Richard Servillas, Director of Security, Privacy, and Risk Consulting at RSM US LLP, and Nicholas Cacciola, Senior Vice President and Northeast Cyber Practice Leader at HUB International Northeast, warned that cyber threats are no longer simply an IT issue. Instead, they have become a business continuity risk that can directly impact production, distribution, revenue, and brand reputation.
For food manufacturers, processors, distributors, and retailers, the question is no longer whether cyber threats will emerge, but whether organizations are prepared when they do.
Why Are Food Companies Being Targeted by Cybercriminals?
Many food companies still assume they are unlikely targets because they don’t operate in technology or financial services.
According to Servillas, that assumption is one of the industry’s biggest vulnerabilities.
“We’re just a food company. Why would anyone target us?” is a mindset he frequently encounters. “That’s some of the exposure mindset, and that’s what attackers really love. It keeps people really unprepared.”
Food and beverage businesses possess several characteristics that make them attractive targets:
- Time-sensitive operations and perishable inventory
- Complex supplier and logistics networks
- Connected manufacturing and refrigeration systems
- Lean IT teams
- High costs associated with downtime
Unlike other sectors, a cyberattack on a food company can quickly affect production schedules, inventory availability, and customer fulfillment.
“What we are seeing is that it’s really just not an IT problem anymore,” Servillas said. “It’s really coinciding with more of that business continuity, disaster recovery type of problem.”
What Are the Biggest Cybersecurity Threats?
Ransomware remains the most significant cybersecurity threat across the food industry.
Modern attacks increasingly involve “double extortion,” where criminals both encrypt company systems and steal sensitive data before demanding payment.
“The bad guys are encrypting your systems, and they’re also stealing a bunch of your information,” Servillas said.
Even organizations with strong backup systems may still face regulatory, legal, and reputational challenges if sensitive information is exposed.
Business Email Compromise (BEC) continues to generate significant financial losses across industries.
These attacks often involve impersonating vendors, suppliers, executives, or financial personnel to redirect payments or alter banking information.
“It’s low tech, it’s high impact, and it’s really dangerous,” Servillas said.
Because food companies frequently manage numerous supplier relationships and payment workflows, they can be particularly vulnerable to these scams.
AI-Powered Social Engineering: Artificial intelligence is making phishing attacks more sophisticated and scalable.
“We’re seeing much better and really realistic phishing emails,” Servillas said. “The clone voices are pretty wild to hear.”
Attackers can now generate highly personalized emails, voice messages, and impersonation attempts with minimal effort, increasing the likelihood of successful attacks.
“The same technology that’s disrupting regular business and enhancing our abilities to use AI is also accelerating the attackers,” Servillas said.
How Is AI Changing Cybersecurity Risk?
Artificial intelligence is creating opportunities for both defenders and attackers.
While organizations are adopting AI tools to improve productivity and operations, cybercriminals are using the same technology to improve fraud campaigns and automate attacks.
According to Nicholas Cacciola of HUB International Northeast, insurers are increasingly evaluating how organizations govern AI use.
Rather than focusing solely on the technology itself, carriers are assessing whether businesses have established policies, oversight, and approval processes for AI implementation.
“It’s more of that approach to underwriting than it is anything else,” Cacciola said.
What Cybersecurity Controls Matter Most?
Both speakers emphasized that cybersecurity resilience is often driven more by preparation than spending.
“The gap isn’t necessarily all about money,” Servillas said.
Among the controls that organizations should prioritize:
Multifactor Authentication (MFA): Cacciola said organizations working with insurers are increasingly being evaluated on fundamental security controls, particularly multifactor authentication (MFA).
“The one control that really can be tied back to performance and losses is multifactor authentication,” he said.
Tested Backups: Servillas repeatedly stressed the importance of backup validation.
“Backups, backups, and more backups,” he said.
A backup strategy should include regular testing and restoration exercises to ensure systems can actually be recovered after an attack.
“A backup that you’ve never restored from, that’s more of a hope and not really a plan.”
Employee Training: As phishing and business email compromise attacks become more sophisticated, employee awareness remains a critical line of defense.
Organizations should train staff to identify suspicious requests, verify payment changes, and validate unusual communications through secondary channels.
Tabletop Exercises: Incident response plans are only effective if organizations practice them.
According to Servillas, tabletop exercises often reveal critical gaps in decision-making authority, communication procedures, and response responsibilities. Organizations frequently discover that key stakeholders are unclear about who is responsible for activating insurance coverage, communicating with vendors, or making operational decisions during an incident.
Cyber Insurance: According to Cacciola, cyber insurance should be viewed as part of a broader cyber risk management strategy rather than a standalone solution.
Organizations should understand their coverage, response procedures, preferred vendors, and policy requirements before an incident occurs.
What Food Companies Must Do Next
The webinar’s overarching message was simple: preparation matters more than perfection.
Food companies cannot eliminate cyber risk, but they can significantly improve resilience through planning, training, and operational readiness.
Among the most important actions organizations can take today:
- Deploy multifactor authentication across critical systems.
- Test backups regularly and validate recovery procedures.
- Conduct tabletop exercises with internal and external stakeholders.
- Train employees to recognize phishing and social engineering attacks.
- Review cyber insurance coverage and incident response procedures.
- Establish governance policies for AI tools and applications.
“The food companies that are winning this, they’re planning for the when, not the if,” Servillas said.
As cyber threats continue to evolve, particularly through AI-enabled attacks, cybersecurity is becoming a core business function rather than a technology issue.
“Readiness really beats all the spending that you can do,” Servillas concluded. “Focus on being prepared.”
For food industry executives, that preparation may increasingly determine not only cybersecurity outcomes, but operational continuity and competitive advantage as well.