What is food defence? Three things you should know

What is food defence?

Most food professionals would know exactly what food safety is about but when asked about food defence the situation can be slightly different.

Food defence, as defined by the Global Food Safety Initiative (GFSI) in their bench 2020 is:
 
"The process to ensure the security of food, food ingredients, feed or food packaging from all forms of intentional malicious attack including ideologically motivated attack leading to contamination or unsafe product"


However, the Food and Drug Administration (FDA) define it differently:

"The effort to prevent intentional food contamination by biological, physical, chemical or radiological hazards that are not reasonably likely to occur in the food supply"

So in simple terms, it is an intentional attack aimed at causing harm.

It is worth highlighting that GFSI definition include all forms of potential attacks while FDA's definition focuses on actual adulteration or contamination of the food.

You and your food defence team need to be clear on the food defence scope expected by the standards or regulation you work with.  As an example, McDonald's Supplier Quality management System, which has one of the broadest food defence expectations, expects control measures to prevent intentional harm to people, products, and process, as well assassinated losses.
 
Write your awesome label here.

Free checklist

The Complete Food Defence Plan Checklist

Download for free, the PDF comprehensive 27 questions checklist

Potential attackers

With GFSI's definition in mind, food defence attacks can take different forms e.g. Malicious contamination, Extortion, cyber-crime, etc. Here is a list of who might want to attack a food business:

  • The opportunist:
    They can be someone who has access to the facility, they may have technical as well as site knowledge allowing them to perform the attack. They are likely to be discouraged by the chance of detection.

  • The opportunist:
    They can be someone who has access to the facility, they may have technical as well as site knowledge allowing them to perform the attack. They are likely to be discouraged by the chance of detection.

  • The extremist:
    Very strong about their cause or campaign that they will push it to the point of ignoring the rights and even safety of others. Publicity in case they are caught can be preferred. The risk of failure is a deterrent, but the risk of being caught is not. In some cases, certain groups want to disrupt the operation of certain businesses, but they are aware of potential public harm which stops them from taking these actions.

  • The extremist:
    Very strong about their cause or campaign that they will push it to the point of ignoring the rights and even safety of others. Publicity in case they are caught can be preferred. The risk of failure is a deterrent, but the risk of being caught is not. In some cases, certain groups want to disrupt the operation of certain businesses, but they are aware of potential public harm which stops them from taking these actions.

  • The disgruntled individual:
    Someone who wants revenge from the organisation as they believe it is the right thing to do. This individual can be a current or previous employee, supplier, customer. Can be an insider, someone who has access to the premises or products or an external person who has no access.
Image of a person in a farm or filed where food is produced. Food intentional adullteration is implied.

  • The extortionist
    Individual or a group targeting a successful business that has good reputation and can be affected by bad publicity. Their goal is financial, and they don’t want to be caught.

  • Professional criminal
    Organised and capable individual or group targeting a certain business or supply chain for different reasons e.g. political, financial, etc.

  • Irrational individual
    Individual attacking businesses and supply chains for no rational reasons, their view of the world is distorted, may be caused by mental health issues in some cases.

  • Cyber criminals and malicious digital actors
    Aim at controlling communication and computer systems in order to cause harm and disruption. Different motivations and capacities. Some uses of the shelf malware to conduct these attacks.
Image of a cyber attacker attacking a food business shown as food defense example
Drag to resize

The impact of food defence attacks

The impact of food defence events will vary based on the type of the attack, the target, and the scale of the attack. In general, the potential impact include:

  • public health harm

  • economic impact
 
  • decrease consumer confidence

Final Thoughts

while food defence threats are not necessarily common, they are are so real! While they are not necessarily likely to happen, if they happen, huge damage can be caused!

It is important to understand what is food defence threats, potential attackers and more importantly the types of controls required at your work place to prevent food adulteration and attack in general.

Food protection is the responsibility of everyone in the food supply chain! so, are you doing your part? if you are keen on fully understanding food defence threat assessments and how to develop and implement a food defence plan - TACCP then check out Food Surety's courses below.
Author: Ray Haddad
Disclaimer: The information contained on this article is based on research done in the last months and the author's personal experience and opinions. It is not intended to represent the view of any organization they work for or collaborate with. The authors will not be held liable for the use or misuse of the information provided in the article.

Related Courses