Cybersecurity in the food and beverage industry: A reference framework

Given the tendency of food companies to adopt digital technologies throughout the food supply chain and the importance assumed by the security and reliability of these systems in Industry 4.0 applications, we carried out a systematic literature review of cybersecurity issues in food and beverage industry. The research methodology was defined based on the PRISMA guidelines, and a reference framework was created that leveraged a thematic analysis of the following content categories: definitions, focus on the food and beverage industry, characterization of cybersecurity, and management of cybersecurity risks. This analysis allowed us to compare the advancement in cybersecurity in the food and beverage industry with those proposed in the literature for the Industry 4.0 paradigm. This comparison is useful, since although the Industry 4.0 paradigm finds a wide range of applications in such domain (e.g., Agriculture 4.0), the structural characteristics of this sector, its supply chain and products create a specific context and situations that may require ad hoc cybersecurity strategies and solutions. The body of knowledge on the food and beverage industry resulted mature in terms of definitions, the target supply chain, industrial assets, and cyberthreats, but requires future research effort in terms of practical analysis that can fill the emerging gaps in relation to risks, countermeasures, vulnerabilities, solutions and guidelines. The results of our review guided discussions, implications and definition of future research routes.