This whitepaper addresses the cyber security threat to agriculture and the wider food network. The perspective and primary focus is the United Kingdom but the majority of observations on the structure of markets, technologies and related issues are largely applicable to other countries. Furthermore, some of the recommended actions identified in this whitepaper, such as standards, require international collaboration.
This whitepaper is the output of a collaborative effort between Harper Adams University and NCC Group. It collates the viewpoints of industry specialists gathered from a series of workshops, with references to other sources that reinforce or supplement these viewpoints. This whitepaper is not a comprehensive study of cyber security in the agricultural industry – to completely threat model the food network and assess all risks would require a significant undertaking, involving input from multiple stakeholders, which is beyond the scope of this whitepaper.
The intention of this whitepaper is to outline the current security posture of the agricultural industry, expected near-to-medium-term changes and recommended actions to mitigate these cyber risks. The wider food network was studied to provide context to agricultural cyber threats, the criticality they pose and to enable identification of the most critical areas of concern at a national level.
A more detailed study is made of farms, which are of particular interest due to bespoke technologies, market forces and behaviours. This whitepaper also studied the attack surfaces of one key agricultural technology – agricultural ground vehicles – chosen due to their ubiquity and the assumption that they are high-risk assets.