Raising the Bar: Food Defense
When the Food Safety Modernization Act (FSMA) was passed in 2011, it was the first regulatory recognition of intentional acts against the food supply in the United States. Among the FSMA's long list of changes—including the regulation of produce and updates to the U.S. Food and Drug Administration's (FDA) authorities—is a rule that emphasizes food defense and strengthens its efforts.
Food defense is the effort to protect food from acts of adulteration where there is an intent to cause harm. The FSMA's final intentional adulteration rule, released in May 2016, establishes a compliance framework for regulated facilities. Like counterterrorism laws for many industries, regulated facilities must prepare a security plan—in this case, a food defense plan—and conduct a vulnerability assessment to identify significant vulnerabilities that, if exploited, might cause widescale harm to public health, according to the FDA.
According to the FSMA's intentional adulteration rule, regulated facilities must identify and implement mitigation strategies at actionable process steps to provide assurances that the significant vulnerability at each step will be minimized or prevented. How this is accomplished must be put into writing as part of the food defense plan that includes auditable procedures that track how food defense is implemented, monitored, and verified. The plan must maintain records, be reevaluated periodically, and include records to support personnel training.
Compliance dates for the regulation are based on the size of the regulated facility. Very small businesses—which average less than $10 million per year—must comply with modified requirements by July 2021—five years after the publication of the FSMA final rule. Small businesses—which employ fewer than 500 full-time employees—must comply by July 2020. And those businesses that are not classified as small or very small and do not qualify for exemptions must comply by July 2019.
A Written Food Defense Plan
Under the FSMA final rule, regulated facilities are required to prepare and implement a written, dated, and signed food defense plan, which must include the outcomes of the vulnerability assessment, mitigation strategies for each actionable process step identified, plans for recordkeeping and periodic reanalysis, and procedures for food defense monitoring, corrective actions, and verification.
The FDA has identified four key activity types where an act of intentional adulteration is most likely to occur based on vulnerability assessments that have been conducted over the last 15 years across a variety of commodities. These areas include coating, mixing, grinding, or reworking; ingredient staging, preparation, or addition; bulk liquid receiving or loading; and liquid storage and holding.
Elements. According to the FDA, the presence of these key activity types at a process step—such as manufacturing, processing, packing, or holding of food—indicates a significant vulnerability.
The FDA has provided flexibility to regulated facilities to choose a vulnerability assessment methodology appropriate to their operations, providing that the methodology addresses fundamental elements. These fundamental elements include acts of intentional adulteration to the process, the degree of physical access to the product, and the ability of an attacker—including insiders—to successfully contaminate the ingredient or product.
If the vulnerability assessment finds that these factors converge, a regulated facility has a significant vulnerability at an actionable process step. This means written mitigation strategies must be included in the facility's food defense plan and management components to ensure proper implementation of the mitigation strategies, including monitoring, corrective actions, and verification.
Plan. The written food defense plan is not a food safety or food quality plan—the food defense plan is not intended to be woven into existing plans.
While few owners or operators look forward to creating a new program or document, a written food defense plan is critical for demonstrating compliance with the new law and assuring customers of compliance. Organizations that have already developed a food defense plan may be that much further ahead in terms of FSMA compliance.
The food defense plan must be reassessed every three years—or more frequently if there are changes in facility activities, new information on vulnerability to food production, failures in the implementation of existing mitigation strategies, or if the FDA directs a reassessment. Changes to the plan as a result of these reviews must be reflected in the food defense plan.
The FDA says that a clearly written, standalone food defense plan will facilitate proper implementation of mitigation strategies. However, based on the author's nearly 30 years of working with organizations that must comply with a new regulation requiring a written food defense plan, the Intentional Adulteration rule poses several challenges.
Many organizations are already involved in voluntary food defense initiatives and have food defense protocols or programs in place to demonstrate compliance with those initiatives. With an added FSMA food defense plan requirement, there is an additional layer of complexity and coordination if an organization erroneously elects to maintain two separate plans.
Additionally, most organizations have already made substantial investments in securing personnel and operations but may not have documented security measures in the form of a written plan as required.
Some organizations may be regulated by other entities—such as the U.S. Marine Transportation Security Act or U.S. Chemical Facility Antiterrorism Standards. With a rigorous physical security or asset protection plan already in place, adding a food defense plan creates potential for duplication and coordination challenges, particularly as it relates to the poorly understood but critical role that foundational programs such as physical security, training, and personnel surety have in reducing the risk of intentional adulteration.
A facility-specific vulnerability assessment is a legal requirement designed to protect the public from intentional adulteration of food. However, there is a significant debate about whether FSMA's rule is currently structured to deliver meaningful value to the food industry. Experienced practitioners recognize that there is a significant difference between complying with the rule and providing comprehensive food defense and enterprise security risk management for their organizations.
The threshold of tolerance for risk for food manufacturers is far lower than the FDA standard of widespread public health impact under FSMA's rule. One illness or injury from an act of intentional adulteration is too many from the manufacturer's perspective. A risk assessment to identify enterprise risk might be more useful than the limited focus on intentional adulteration as defined under the current FSMA rule.
In risk assessments that the author has performed in the last several years, scenarios associated with intentional adulteration made up only 10 percent of a company's applicable security scenarios. Food manufacturers are cautioned against pigeonholing all security measures against food defense alone to the detriment of risks to people, other assets, and intellectual property. The author, member of the ASIS Food Defense and Agriculture Security Council, strongly recommends a comprehensive approach to criminal and terrorist risk mitigation and a strategic approach to security risk management with a strong and compliant food defense component.
While not in the rule, the FDA's guidance states that existing mitigation such as locks or other foundational programs should not be considered while performing the vulnerability assessment—assessments should be conducted as if no security is in place. This is an important distinction because the assessment process is not measuring risk, only vulnerability. This approach is generally not good for businesses and results in excessive cost in mitigating vulnerability, rather than addressing the highest risks of intentional adulteration.
A wide variety of unknowns to the industry are related to threat intelligence, and a lack of information sharing between the U.S. government and industry inhibits sound risk-based business decisions.
For example, the U.S. government does not provide timely and accurate intelligence to the food manufacturing community about the true nature of the threat to the food supply. Similarly, the U.S. government does not define or share the scientific nature of intentional adulteration, so the industry does not know what agents and quantities would create a widespread public health impact.
There is also insufficient information available to the private sector regarding the identification of indicators of a developing insider threat, which is a heavy emphasis of the current FSMA rule. This lack of guidance hampers the identification and implementation of effective controls.
Together, these factors create an environment where full compliance may still leave an organization short of achieving the stated objectives of the regulation: preventing intentional adulteration. There are no indications that the regulatory environment will change in the near term, as the first milestone of compliance fast approaches. The following advice is offered to maximize the benefit of a risk assessment-informed food defense plan.
Assessment team. Facility-specific vulnerability assessments require a list of food defense team members and their qualifications. Ideally, the team would include a chemical engineer, a toxicologist, a food safety professional, operations personnel, and a security subject matter expert to cover threat assessment, vulnerability identification, and options for security mitigation. In a real-life situation, however, the type of available personnel may be limited.
Prior to the introduction of the concept of food defense, this matter was not a primary responsibility of the security department—it generally fell to the food safety or quality control departments. Given that food defense is a counterterrorism and crime prevention effort, it is critical for security to partner with the food safety and quality professionals in the industry. Both disciplines bring critical competency necessary to properly position organizational processes to work well to prevent or detect an act of intentional adulteration—not just widespread public health impact.
The failure to include a physical security subject matter expert in a risk assessment will likely result in the oversight of exposures that could be exploited by an adversary—particularly outsiders and, to a slightly lesser degree, insiders—in an intentional adulteration attack. The security practitioner also brings to the table the basics of access control, training, and personnel surety, which are critical foundational programs to aid in reducing risk of intentional adulteration.
Process flow. In most instances, the facility under consideration will already have a hazard analysis and critical control point flow diagram. These diagrams are usually simplified schematics of the process and, irrespective of the vulnerability assessment methodology chosen, are a good place to start. It is valuable to go over the flow diagram in detail with facility staff to identify those generic blocks that contain multiple pieces of equipment and define these and any processes that are not represented on the flow diagram to determine the effect, if any, they exert on the product.
All equipment and process steps that exert an effect should be included in the assessment to get an accurate understanding of the conditions an added agent would be subjected to and to identify if there are any vulnerabilities within the production environment that the flow diagram does not capture. By not performing a detailed risk assessment of the entire process, a facility might inaccurately depict the risk that exists from an act of intentional adulteration.
Additionally, it is possible that some of the hazard analysis and critical control point process steps that are identified in these diagrams could need to be broken down further to more fully understand the forces being exerted on the ingredients of the finished product. The step identified as "receiving," as an example, could consist of multiple sub-steps that include seal verification, receipt of the material, quality sample and holding, offloading, staging, screening, and storage. From this example it's easy to see that the hazard analysis and critical control point flow diagram is a good start, but owners and operators are encouraged to look a little closer at each of those steps to make sure that each point, step, or procedure is being adequately assessed.
Vulnerabilities. A significant vulnerability, as defined by the FDA, has three considerations: potentially severe or scalable public health impact if a contaminant were added, the degree of physical access to the product, and the ability of an attacker to successfully contaminate the product.
Begin with ingredient or raw material receiving and follow the process steps through to the finished product's packaging, storage, or loadout. At each step, determine if it is possible to add a contaminant and, if added, whether the contaminant could survive the process and be able to harm the public.
Processing steps that might kill bacterial contaminants may not permanently denature toxins or acutely toxic chemicals, for example. The effect a processing step can have on contaminants needs to be evaluated for all classes of potential food defense contaminants. As stated earlier, this information is not readily available to the food and beverage industry and creates challenges for the industry to be able to fully understand the impact these contaminants can have on ingredients and finished products being manufactured.
Potential impact. According to industry experts, the greatest shortcoming of today's food defense vulnerability assessment mechanisms is that they do not provide guidance on how to address specific contaminants. The potential impact of the contamination of an undefined process with an unknown quantity of an unidentified agent is impossible to discuss. Using a short list of agents, a facility-specific vulnerability assessment could be used to try to depict the potential impact of each agent, should a contamination occur at a particular point, step, or procedure.
While everyone has heard of anthrax, who knows how to determine if there would be a negative effect on the public health if a certain quantity of it were added to a process step? Not being able to accurately model the fates of specific agents within a process may yield an inflated sense of concern resulting in unnecessary expenditures. With some work, it is possible to simplify traditional chemical and biological risk assessment methodologies and apply them to the facility's process. Doing so provides a more accurate picture of likely-negative effects on public health.
Agent removal. Are there processes downstream from a potential actionable process step that could reasonably be expected to reduce the risk of an intentional adulteration?
In most instances, processing exerts an effect on the product being manufactured. The question is whether that processing step contributes to a reduction of risk. Is the product subjected to a reduction where part of the product stream is diverted, or is there a filtration or rinsing or drying step that can be expected to remove a contaminant? If there are steps in the process that could reduce the contaminant load, the extent to which the reduction can be expected to occur and the rationale for expecting the reduction need to be explained. These written justifications are required within the food defense plan.
Access. Access control is the first line of defense in reducing the risk of intentional adulteration and is a foundational element of a sound facility security plan. If a process step is located within an access-controlled room within an access-controlled building within an access-controlled premises, it is far less likely to be contaminated by an external aggressor than a process step for which these barriers to access have not been established or are poorly controlled.
Having the hardware in place is half of the challenge; training and demonstrating functionality is a prerequisite for sound facility security posture. Additionally, if only a single, well-vetted employee has access to the process step, as opposed to every employee in the facility, the potential for an intentional adulteration is reduced, but the risks borne by that insider attacker need to be addressed and controlled.
A significant characteristic of a processing step that can be inadvertently overlooked is whether the process step is sealed. If the process operates under vacuum, high pressure, or high temperature, the processing step could have next to no access and therefore probably cannot be compromised while in operation.
Contamination. This is determined by both the physical access to the product and the amount of agent or contaminant that would be required to contaminate the volume of product being produced or stored, in order to result in wide-scale public health impact.
A small process that manufactures hundreds of servings of a product will require much less contaminant to be toxic than a process that manufactures millions of servings.
How much of an acutely toxic chemical, toxin, or pathogenic microbe could an aggressor carry into the facility without being challenged? This type of mitigation is typically covered by physical security foundational programs such as visitor screening, prohibition of personal effects in the manufacturing environment, and bag checks.
Volume of product. The volume of product that could be impacted in an intentional adulteration is determined by the number of consumable units as a result of the volume or mass of product immediately prior to packaging in a consumable package. It should not be necessary to consider volumes impacted at the operating units within the process because it is the potential toxicity of the finished product that is the concern.
Products. It is possible to identify a vulnerability that does not rise to the level of a widescale public health impact as defined by the FDA, but where an act of intentional adulteration could be catastrophic to the brand or organization. It is important to capture these conditions if observed in a vulnerability assessment and to address those in enterprise food defense efforts, which undoubtedly will exceed what is required by FSMA.
In one recent vulnerability assessment, a processing step along a conveyor was observed where the product was accessible after it was put into the unsealed container and before it was sealed in the consumable package. In theory, it is possible that the finished product could be contaminated, but not to a point where it could cause widescale public health impact. It would be inappropriate and irresponsible to ignore this exposure, but in theory, if a facility is performing an FSMA key activity-type vulnerability assessment, it would be compliant without addressing this exposure.
The Insider Threat
The FSMA Intentional Adulteration rule clearly and rightfully acknowledges the insider threat. While foundational security programs—such as badging, video, surveillance, and workplace violence prevention—mitigate the risk of both outsiders and insiders gaining access to the food production process, companies may need to put in place additional mitigation strategies that deal with a potentially sophisticated insider that is capable of engaging in an act of intentional adulteration.
In a 2016 case, a Minnesota woman was sentenced to 90 days in jail after being convicted of two felony counts of causing damage to property at her workplace. She was also ordered to pay $200,000 in restitution for contaminating food product with sand and black soil. Twenty-eight tons of chicken had to be recalled due to this act of intentional adulteration. While no motivation was publicized in the ensuing coverage of the incident, it goes to show the magnitude of the damage that an insider can cause.
In a more recent incident in the United Kingdom, a couple was arrested for plotting a terrorist attack. The circumstances around the event were reported by the Food Protection and Defense Institute at the University of Minnesota in its February 2018 newsletter.
A man who worked for a large food company met a woman with an advanced degree in pharmaceutical science on a dating site. They shared extremist, ISIS-inspired views—the man reportedly visited and communicated with ISIS-sponsored social media sites. Using their respective industry knowledge, the duo plotted to build and detonate bombs, and investigated making ricin before they were arrested by police.
A strategy to manage the insider threat must be spelled out in the vulnerability assessment. Like workplace violence, intentional adulteration could be perpetrated by individuals with different motivations.
There is not a great deal of information developed on these classifications of offenders as of the writing of this article, but it is important to recognize that there are distinctions, and the risk can be reduced through education of the warning signs of an insider who could pose an elevated threat to an act of intentional adulteration.
There continues to be debate between the industry and government on the Intentional Adulteration rule as compliance deadlines loom. Industry professionals know that compliance with FSMA alone does not meet the high bar the industry has set for itself. The ASIS International Food Defense and Agriculture Security Council encourages members of the food and agriculture industry to consult available resources, join the conversation, support the debate, and best influence the regulation to truly and holistically contribute to food defense.
Frank Pisciotta, CSC (Certified Security Consultant), is a veteran independent security consultant and subject matter expert in risk analysis, security system design, security management, and a variety of critical infrastructure verticals including food, healthcare, education, manufacturing, oil/gas, and chemical, in both public and private sector organizations. He can be reached at email@example.com.
Resources on Food Defense Preparedness and Training
ASIS Food Defense and Agriculture Security Council
Security and food defense professionals working collaboratively to serve and develop resources for the industry with the mission of helping to protect the food supply chain from farm to fork.
The FDA has established an Intentional Adulteration Subcommittee with the Food Safety Preventive Controls Alliance to develop food defense training resources for industry and regulators alike.
The agency intends to publish guidance documents to provide information relevant to the provisions of the final rule, such as conducting a vulnerability assessment, identifying and implementing mitigation strategies, and writing procedures for food defense monitoring, corrective actions and verification. These guidance documents may be available by the summer of 2018.
In addition, FDA has a number of tools and resources currently available on the web (www.fda.gov/fooddefense) that were developed for voluntary food defense efforts.
The Mitigation Strategies Database
An online, searchable listing of mitigation strategies that can be applied to different steps in a food operation to reduce the risk of intentional adulteration.
The FDA FSMA Food Safety Technical Assistance Network
This network is already operational and provides a central source of information to support industry understanding and implementation of FSMA. Questions submitted online or by mail will be answered by information specialists or subject matter experts.
Food Protection and Defense Institute
The Food Protection and Defense Institute (FPDI), formerly known as the National Center for Food Protection and Defense, was officially launched as a Homeland Security Center of Excellence in July 2004 at the University of Minnesota. Developed as a multidisciplinary and action-oriented research consortium, FPDI addresses the vulnerability of the nation's food system. FPDI takes a comprehensive, farm-to-table view of the food system, encompassing all aspects from primary production through transportation and food processing to retail and food service (https://foodprotection.umn.edu/).
Food & Agriculture Sector Coordinating Council
The Council serves as the primary private sector policy coordination and planning entity to collaborate with the U.S. Food and Drug Administration (FDA), the U.S. Department of Agriculture (USDA), the U.S. Department of Homeland Security, the Food and Agriculture Government Coordinating Council (GCC) and other government entities to address the entire range of critical infrastructure security and resilience activities and sector-specific issues. The Council serves as a voice for the sector and represents a principal entry point to collaborate with government for critical infrastructure security and resilience activities. Wherever possible, the Council will participate in efforts to establish voluntary practices to ensure that sector perspectives are included in relevant Presidential Policy Directives, National Infrastructure Protection Plans (NIPP), Sector Specific Plans (SSPs) and other policy documents related to Critical Infrastructure Security and Resilience. (https://www.dhs.gov/publication/food-and-agriculture-sector-council-charters).
International Association of Food Protection (IAFP)
The IAFP represents a broad range of members with a singular focus — protecting the global food supply. Within the association, you will find educators, government officials, microbiologists, food industry executives and quality control professionals who are involved in all aspects of growing, storing, transporting, processing and preparing all types of foods. (https://www.foodprotection.org/).
Grocery Manufacturers Association
GMA has formed an Intentional Adulteration Rule Working Group – The Grocery Manufacturers Association is the voice of more than 250 leading food, beverage and consumer product companies that sustain and enhance the quality of life for hundreds of millions of people in the United States and around the globe. Based in Washington, D.C., GMA's member organizations include internationally recognized brands as well as steadily growing, localized brands. Founded in 1908, GMA is an active, vocal advocate for its member companies and a trusted source of information about the industry and the products consumers rely on and enjoy every day. The association and its member companies are committed to meeting the needs of consumers through product innovation, responsible business practices and effective public policy solutions developed through a genuine partnership with policymakers and other stakeholders. (https://www.gmaonline.org/).
Food Defense Consortium
The FD Consortium is an informal group of F&B manufacturers that was established in June 2016. The intent of the FD Consortium is to bring together multiple disparate working 'groups' addressing the FSMA IA Rule and discussing general food defense best practices. The group meets monthly to address current issues and https://www.linkedin.com/groups/12100113
Food Safety Tech
Food Safety Tech is an industry-specific eMagazine and Conference series serving the food industry. Built on the platform of the next generation model for B2B publishing. (https://foodsafetytech.com/tag/food-defense/).
USDA OHSEC – Departmental Management
USDA's central administrative management organization. Departmental Management provides support to policy officials of the Department, and overall direction and coordination for the administrative programs and services of USDA. In addition, Departmental Management manages the Headquarters Complex and provides direct customer service to Washington, D.C. employees. https://www.dm.usda.gov/ohsec/
Association of Food and Drug Officials (AFDO) Food Protection & Defense
The Association of Food and Drug Officials (AFDO), established in 1896, successfully fosters uniformity in the adoption and enforcement of food, drug, medical devices, cosmetics and product safety laws, rules, and regulations.http://www.afdo.org/page-1183349
Bob Norton's Food and Water Defense Blog
Dr. Robert A. Norton, PhD, is a professor at Auburn University and currently serves as coordinator of National Security Initiatives in the Auburn University Open Source Intelligence Laboratory and program director of the Futures Laboratory, a collaborative effort between Auburn University, Auburn University at Montgomery and Air University at Maxwell Air Force Base. A long-time consultant to multiple federal agencies and the Department of Defense, Dr. Norton's research interests include public health/one health, intelligence analysis, chemical and biological weapons defense, medical and technical intelligence, military-related science and technology, biosecurity/biodefense, and veterinary infectious diseases. https://aufsi.auburn.edu/fooddefense/blog/