Show Notes:

In this episode, we’re joined by Megan Francies, Global Food Safety Manager at Lamb Weston Inc., specializing in food defense and intentional adulteration.  With over a decade of experience in food science and quality assurance, Megan deeply understands the complexities of food safety.  We delve into how food safety and cybersecurity intersect, discussing the challenges and opportunities presented by digital technologies in the food industry.  Megan, a Genetics and Cellular Biology graduate and a current student of Global Food Law, shares her expertise on food defense strategies, intentional adulteration, and the importance of a robust food safety culture.  Join us for a thought-provoking discussion that sheds light on the behind-the-scenes efforts that ensure the safety of our global food supply.

Megan's Socials:  

LinkedIn:  https://www.linkedin.com/in/megan-francies-00495b114/

 


Listen to full episode :

Episode Guide:

(03:07 - 04:17) Cybersecurity and Food Safety Collaboration

(07:05 - 09:39) Digitalization Challenges in Food Industry

(11:04 - 12:45) Understanding Food Fraud and Altered Food

(14:29 - 16:08) Exploring Food Defense and Cybersecurity

(20:48 - 21:37) Food Safety in Change Management

(29:21 - 30:14) Food Industry Budgeting and Security Challenges

  • 00:27 - Kristin (Host)

    Welcome to the Bites and Bytes podcast. I am your host, Kristin Demoranville. Today, we're diving into the crucial topic of food defense with a very special guest whose expertise transcends the ordinary. Megan Francis, a leader in food safety and a champion of holistic approaches, joins us today. While Megan will introduce herself and share her insights, I must express my gratitude for the profound knowledge she's imparted on this podcast, as well as over the last year of our friendship. I really hope you enjoy the episode, hi, megan. Thanks for being here. I am so excited you're here.

    00:58 - Megan (Guest)

    Hi everybody, my name is Megan Francis. I currently work for Lamwaston. I live in Kennewick, Washington, which is the desert area in Washington. I currently am a food safety manager at our corporate location.

    01:12 - Kristin (Host)

    Great. Thanks so much. I don't think I've been to that part of the country. I have friends that live in Yakima, Washington, but I haven't been to the desert portion.

    01:19 - Megan (Guest)

    It's very hot, so it's nice that it's fall time now, because we were in the hundreds and no rain. So we've been seeing rain in the last couple of days.

    01:27 - Kristin (Host)

    That's horrible. I've heard the vineyards are really nice out there actually, though, so is that true?

    01:32 - Megan (Guest)

    It is wine country. Yes, wine country, wine everywhere, yeah.

    01:36 - Kristin (Host)

    It's actually amazing how there's really becoming more wine all over the place, all over this country. Even Texas has wine now, which is crazy town to think about. Right, global climate change, thanks for providing better grapes in different places that we never thought of, like the UK, and things like that. Anyways, megan, let's just jump straight into it. I love asking this question to everybody I talk to what's your favorite food and what's your favorite food memory? They can't be one of the same or different.

    02:00 - Megan (Guest)

    OK, so my favorite food is hands down tacos any kind of tacos, but I'd say probably my favorite food memory, while one of them would be I guess I can relate it back to Mexican food. When I was about 19 years old, I went over to Cabo and that was the first time outside of the United States and we went down to downtown and got to actually experience authentic Mexican food and I just couldn't believe what we eat in the United States is nothing compared to what I ate over there. So it was just amazingly delicious and I feel like I'm always looking for that now.

    02:38 - Kristin (Host)

    So yes, I love culinary journeys when you travel. I think it teaches you so much about the place and how we view food when we come back. I went to Mexico City recently with last year and I just fell in love with it. It's just amazing. I had a proper quesadilla made and a food stand by a grandma. And it was with squash blossoms, which is the most random food to put inside of that and it was amazing, so I echo that hard. Yeah, that is I echo that big time.

    03:07

    That is amazing. So we're here to talk about cybersecurity and food safety and food protection, all the fun things and how we can collaborate and do that better In your experience, your world of food protection and food safety, and what do you think is the best way to describe the intersection between those two spaces?

    03:23 - Megan (Guest)

    now, so I specialize in food defense and intentional adulteration, and I think, especially with the current climate, food safety definitely intersects all the time. Sometimes I wonder how I ended up in this space, but it's a unique little niche that I've found, and my food safety background really helps me understand the food security piece of it within the facilities and the organization as a whole, and so ultimately, the goal is to protect the food, and so for me it's pretty intuitive of how it all comes together, right? So food defense you're protecting the global food supply and also intersecting with security, and then, obviously, it is now coming into play, and then you want to make sure your food goes out safe, and so that's my easy way of saying how they interact with one another. That's great.

    04:14 - Kristin (Host)

    So I know we have a mix of people that listen to this podcast. So for those of us on the cybersecurity side, meggie, can you give us a little bit more of a definition of what food defense is and isn't, so we understand the difference between defense versus safety and security? Because I say food protection because it kind of grabs all of them. And also I had a good friend of ours, a mutual friend named Jason yell, at me because I needed to do that, because I was confusing everybody. You could just explain that a little bit, that would be helpful.

    04:39 - Megan (Guest)

    So food defense is the oh gosh.

    04:43 - Kristin (Host)

    now he's probably going to yell at me because it's OK If he doesn't join the podcast someday, he has no say.

    04:50 - Megan (Guest)

    So I mean food defense is the principle of protecting the food supply and putting mitigation strategies against things that are deemed as high vulnerabilities or easily said it would be high risk, and so you have to look at your process and, based on categories provided by the FDA that they've deemed as high risk, so then you implement mitigation strategies to reduce your risk and manage it that way to protect the food supply.

    05:20 - Kristin (Host)

    So very similar to cybersecurity. You know we try to mitigate risk ultimately and help people accept a risk if it's going to be there. If the company decides that they want this particular program or IT infrastructure, that they need to decide that there's risk generated to that and they have to accept.

    05:35 - Megan (Guest)

    So I think one of the big differences between food safety and food defense is that food safety is for every piece of food needs to be safe, correct, yep, of course Whereas food defense it's more broader. We're never going to protect every piece that goes out, so we're focused on the large scale impact. So they consider large scale is basically anything over 10,000 units.

    05:58 - Kristin (Host)

    It's a lot of food if you think about it. Wow, that's crazy, and I recently was on a podcast and I think a lot of people have a misconception of what food production is and things like that, because you know good on the marketers. They've done a great job of making people realize that it's one way versus another. There is so much automation in the processes and there's so much machinery and so much stuff that could probably go wrong.

    06:21

    That food defense is an extremely important portion of food protection in general, and I think it goes without saying that I really do appreciate all the food people out there I think you all wear capes, like I think that you stay up late weekends the whole thing just to make sure that we all you know, can eat food and feel secure about it as consumers and we don't even have to think about it. We can just walk into the grocery store, grab a bag of potatoes and call it a day and not think about it. That's amazing and I think we take that for granted as consumers all the time, and we really do, and we should be. We should be diligent ourselves as part of a compliment to the work that all of you do. So thank you as a side note, but also because a lot of people do not understand. I'm starting to realize that we have a tremendous amount of misinformation. Can you, speaking of protecting those, all those units, can you share some of the unique challenges that you've seen with all this digitalization coming into your industry?

    07:15 - Megan (Guest)

    Yeah.

    07:15

    So let me be clear I am a big fan of all the technology that is coming in, because I think it's great, because you can move people out of these very manual roles where they can actually be doing higher level work and they have more of a sense of worse, if you will, because they get to do things that are not as manual and so they get to be more involved in the process itself.

    07:39

    But those types of equipment that are coming in have their own challenges, right, so you have less people that are out in the environment, so, which can be a good or a bad thing from a food defense, intentional adulteration risk, right, is something that we focus on a lot in this industry, is for food defense specifically, is your access to the product and then the feasibility of actually adulterating their product, and so the more people that are around, the less likely somebody in theory is going to risk putting something in the product that could harm someone.

    08:13

    But when you bring in these different types of equipment where there's not as many people out on the floor, then you're not having as many eyes out there and so maybe an insider threat could potentially access that product because there's not somebody out there. There's not 20 people out on the line anymore, there could be only a couple, and so there's a lot more time for them to get the deed done. I guess is a nice way of saying it. And then I think it also brings in different vulnerabilities when you're talking from an IT standpoint, because then all of a sudden, depending on your systems and what type of legacy equipment you have in your facility, you may not have even begun to think about what risks those bring in from somebody from the outside gaining your data.

    08:58 - Kristin (Host)

    For sure, and it's interesting too because you intersect a lot with IT now, because you'll have to review camera detail, probably, and sensor data for IoT devices just to verify that the processes are running smoothly so that it's still within parameters of defense or, if you aren't, you will be soon probably, because that's just going to be a parallel. We're going to have to work side by side in that regard, because the equipment that we use in cybersecurity the detection and monitoring and all the threat detection stuff that we do, and perimeter monitoring that could be used in investigation for potential fraud, anything beyond having forbid a foodborne illness investigation, those kind of things and that's something that I'm interested in, actually, your thoughts on it.

    09:40

    Do you think that, moving forward at the next generation of food professionals, that they're going to have to have a lot more cybersecurity and IT knowledge because of all the digital equipment? And also, do you think that cybersecurity and IT are going to have to have maybe possibly actual training in food defense and food safety?

    09:58 - Megan (Guest)

    So I will say from my personal experience I definitely think that people coming into food safety should have some background in that space. I think that there's not really a way around it anymore. With the way that we rely on computers and technology. A lot of food companies are getting more digital. I mean, obviously, even after the pandemic is telling us, hey, you guys need to collect your data and you need to be smarter about it and you need to make it available. That's where that whole traceability piece comes into it, right? And then, as far as IT getting involved, I definitely think, especially when you're talking food safety culture, they need to understand how their role impacts this safety of our food, and so I think a lot of times currently that may not be a thought process, but I do think, as we move forward, that they have to understand how these different pieces of equipment and how they are communicating and the data that they hold can impact product and how they need to understand food safety so that they can ultimately help us ensure our food goes out safe.

    11:03 - Kristin (Host)

    That's so well said. I completely agree and I just realized again, because we have a mixed audience, that people may not understand what food fraud is and what altered food looks like. Can you just give a couple of quick examples?

    11:14 - Megan (Guest)

    So food fraud is typically something that so say, I'm a food manufacturer and I'm bringing in ingredients, so it would be from my supplier. And so typically food fraud is done in the terms of economic game. There is a game for them as far as money or credentials or something of that nature, and so typically you'll see that a lot in honey is a really big item that gets adulterated Really. Milk is a big one. A lot of water detergents. A lot of times this is happening over in third world countries more than, say, the United States. But you really have to know where you're getting your supplies from in order to protect yourself, because at the end of the day, if your product you put in your supplier's product into your finished product, you're the one that's going to be held accountable, because you should have processes in place to prevent that fraud from coming through.

    12:08 - Kristin (Host)

    It's interesting. So sourcing is super important then too, and, honestly, should be educated also in food safety and food defense to some degree, because, you never know. I worked at an ingredients company for a while, so I completely understand this. I remember lots of conversations about sourcing. You know palm oil and sugar. They had flour that was brought in from other factories that were connected to the company, and even then they were concerned that it would be adulteration on the way to the factory, whether it was by train or by truck. So it's really interesting.

    12:38

    You're actually like making me think of all this stuff I haven't thought of in a long time. So thanks for that and hopefully that helps everyone understand just a little bit more. Maggie, can you talk a little bit about packaging and concerns with packaging and food? I know this is getting just a slight bit off turn, but I promise it will wrap through in a second. I think a lot of cybersecurity people focus a lot on supply chain and they understand the supply chain is a problem, but they're looking at it from the perspective of systems connecting into systems from outside to inside or inside to outside. But I really think that they need to start looking at it from a physical sense as well. So packaging fits into that.

    13:11 - Megan (Guest)

    So are you speaking about food contact packaging? Yes, okay. So, as far for food defense, packaging is a big concern, typically with tampering, so product tampering, and so understanding how your product is safeguarded against tampering. Do you have tamper evidence seals? Do you have processes in place to make sure that your finished goods and or your ingredients going out, if you're a supplier are packaged in a way that prevents somebody from accessing the product and putting either a physical contaminant, such as glass, in your product or chemical, or a lot of times you'll see in the news, even if you're shipping over borders, drug smugglers will actually disguise their shipments as food.

    13:57

    And so again, it goes back to do you know your supplier and does your supplier know where they're getting their products? Because if you don't have that relationship with these people, you know you're the one that could pay the price. And so, as far as packaging, that's where I see food defense coming into it. And then we can also a lot of it has to do with the trailer conditions and how are you shipping your product, whether it's by truck or by rail, are you shipping it overseas? And so this is where all that packaging concern comes in.

    14:29 - Kristin (Host)

    I've sat in meetings and it's listen to all of you talk about it. It's so daunting, it's so huge, it's insane to hear these things Because, again, maybe I'm also that consumer that it's been, like you know, completely naive to the world around me. But there's a lot that goes into that. Just the packaging alone as a concern, and then on top of just keeping food safe as it's being either harvested or produced in any capacity, let alone whether it's being created into a boxed cake. You know it's crazy to think about Because you know, back in the day, you know you just went down to a local farmer and got your produce and made everything yourself. And now we have this tremendous industry that's running. And, as a cybersecurity professional inside of food, I see so many parallels and so much synergy between our two divisions. We all talk the same thing, just in our own way. You know mitigating risk, preventing an incident whether that's horrible things within food, obviously potential death but especially within a cybersecurity community in food, we have to be concerned about that as well. That is, our ultimate goal is to save lives, full stop.

    15:35

    We're going to take a quick break. I hope you're enjoying the conversation. If this episode has grabbed your interest. Please do share it with your friends and colleagues. Your support is invaluable in spreading these important discussions. Don't forget to also like and subscribe to the show for more insightful content. Stay tuned. We'll be right back to continue our exploration of food defense and the innovative world of cybersecurity. Any stories you think help the cybersecurity listeners specifically, or even the food people that are on this particular podcast are listening to, help their journey.

    16:08 - Megan (Guest)

    So I can speak to a specific incident that happened, not at my current company, but just in my experience, and it's a positive experience. But we were in the process of upgrading a lot of our equipment to get more data, and so they were pushing through the project for our OE systems and I had posed the question well, what's protecting the system from somebody from outside hacking into the system, right?

    16:35

    And they kind of like brushed it off, like, ah, I don't know why you're that worried about it. You're in food safety, that's not your space. And you know, this is me still being fairly green and coming into my position and coming into who I am today, right, and asking the right questions. And then it really got people to start thinking about it. Ultimately, at the end of the day, they did start looking into how do we protect it, because at that time we were able to provide examples of hey, this large food company, had a similar situation where they are held ransom.

    17:06

    Are you guys prepared to handle that kind of incident? And can we run blind? Can we run without our systems? Can you run like we used to run 20 years ago and are you able to flip the switch to run like that? Then, from there, we started implementing. That was something that we asked at the very beginning of any kind of equipment upgrades or installs, and so that was something that was really positive that came out. We were able to start talking about that risk more openly than hey, you be quiet over there, I don't, we don't want to talk about that.

    17:39 - Kristin (Host)

    No, boy, that's awesome that you even thought of that, that you were allowed to be a critical thinker in that space. But I suppose that's the benefit of being green. We don't know any better at that point. Right? You just say what you say. I think I probably still do that. I think you do too, megan, but I love that you were thinking ahead of how it all.

    17:57

    You were basically creating a disaster recovery and to stay resilient in the face of a cyber attack. I mean, this is what we do, and I have also been in those positions where things have gone awry and we've had to literally reabsorbed back to like clipboard and paper and pen. You know and can that? Can you survive the entire process or shift, if you will, that way, staunting, if the trucks aren't going to wait, you know how it goes. It's just going to get really messy really fast if someone doesn't take the bull by the horns, if you will, and just lead the charge. That's great that you've already experienced that early in your career. So you already were making those connections and that's that's what I. I'm hoping people will start doing a little bit more, because as we go digital and we are digital, what am I talking about?

    18:37

    We are digital, but we're going to go more. We're going to need that mindset to be intact and pushing forward constantly and asking those kind of harder questions of hey, I have concerns about this. It just is another thought. You know, in your food defense role, do you think that? Or actually, in food defense, do you think that, because a hack happens that you will be mobilized to have to be part of, involved in that investigation and potentially creating a new plan that will come from that as well, have had to avoid in the future? You think that that will be something that you'd be involved in?

    19:06 - Megan (Guest)

    Well, I think, I think I should be involved, because you have to understand that process. So if you're not involving the right people, then you'll never get that full picture right. You have to make sure you have the right players at the table to discuss what's happening, to put a good term, longterm solution in for your organization and for me I'm a big advocate Take those silos down, get out of, get out of your space, get out of your comfort space. Understand what other people are doing and how your role applies to theirs and vice versa. What are they doing today and how can you improve it? So for me, collaboration is 100%. Get with your security team, get with your IT. Or, if you contract that out, make sure you have that good relationship with them, Even in food defense we talk about, hey, make sure you have a good relationship with your local FBI office and your PD and your fire department and then it starts you start working with your safety team.

    20:02

    So it's a really it's a full picture, and if you don't have the right people at the table, then you're never gonna get that solution that you ultimately need to help your risk.

    20:11 - Kristin (Host)

    It's true, and I love that. Most of the food professionals that I've spoken to feel the same way. Everybody echoes it. It's all. We're all in this together. Everybody's gotta do something on the ship, you know, and I love that, because cybersecurity can be very restrictive at times where we only will stay on systems and we won't go past that, partly because a lot of the industry is in an enterprise side and they don't see the industrial side or any type of working side like that, which is such a disservice. I really wish everybody would have the opportunity to work on the industrial side at some point, obviously with training wheels on, until they felt like they could run. It's so important to have those type of conversations.

    20:48

    I'm a big advocate for change management boards to include food defense and food safety and food security and quality.

    20:53

    I think that they all should have a say at the table, especially when there's, you know, digital transformation is still a hot thing inside of the food industry and if you don't have those people at the table, then you're not gonna be able to necessarily do it correctly or safely, you know, or it could affect production, which nobody wants ever, because that's you know, obviously, why we're there the food has to keep coming off the belt, if you will, and also beyond that, creating, you know, business continuity. Planning and disaster recovery has to include not just cybersecurity, even though we fight to get to the table too, and it's so funny that ultimately these food companies are sort of almost fighting themselves internally Like, come on, guys, like we all gonna work together, like somebody, stop making plans in isolation and really understand the risks, and especially with all this digital tech coming in in the future view. That's definitely what I wanna talk about. What do you see is gonna happen in the future for your role and what you do, and then how that intersects with more digitalization and more cybersecurity needs.

    21:47 - Megan (Guest)

    I mean, I see myself having to learn definitely more of the cybersecurity. Or, again, having somebody that is on my team, that's a subject matter expert in understanding that language, because if you don't understand it then you're at risk, right, and so for me it's making sure that I am involved or somebody that is on my team is involved and we understand that risk. Again, I'm a big advocate for those kind of technologies.

    22:14

    But we just need to make sure it's a right fit so that we don't have that vulnerability where some sort of attack can happen. And I think something that really rings true for me is being out at one of the conferences last year. Somebody shared their experience and one of their texts had noticed there was some really small changes with their food products and it was just some pH changes. The product was still within their specifications, right. But they raised their hand and they spoke up and they realized that somebody was hacking into their system and adjusting their equipment and they were confirming if they could make those small changes right.

    22:51

    And so again, if you're going to put in these types of equipments, you just need to make sure that you're safeguarded, because it could have it really could have impacted their product. And are you able to recover from that from a brand perspective, or are you able to recover from the cost of a recall? And then I mean you chatted about it a little bit, but for how widespread the food supply is now, I mean you're talking most companies are shipping across the world. You look at a lot of these recalls and it's not just the United States as it's impacting. It's typically 10 to 20 different countries and it's just a very widespread impact and are you able to recover the costs and continue business?

    23:32 - Kristin (Host)

    Yeah, I mean a ransomware attack or any type of cybersecurity attack, whether it's adjusting pH or anything further, would have widespread financial cost as well as potential human health. It's not isolated anymore. We're not just growing for one nation. We're growing. I mean the US exports a ton of food, we get a ton of imported and the rest of the world does the same thing, right? So I think when a ransomware hits, you know, let's say, from the Dole hack this year, not to pick on Dole, but you're more recent, so we'll just go there their package lettuce got hit so they couldn't actually distribute to the grocery stores. Thankfully this was more regional issue, not global, but imagine if that did impact global and lettuce couldn't get to, or any hip of salad couldn't get to anybody who needed it. I mean that's a substantial food source and kind of scary to think about.

    24:22 - Megan (Guest)

    Well, and the fact that at first there wasn't a lot of communication out about it, but then consumers started demanding why? Why is the product not on the shelf? There's always product on the shelf. In the way that social media is today, can you really afford to not tell the public what's going on? And my understanding is it was a pretty significant impact to their business. Just based on the reading that I've done, and they still. I believe it says that they still haven't recovered from that hack. So lost revenue, yeah.

    24:52 - Kristin (Host)

    It's 10.5 million to date that they've announced so far, but that didn't include what they paid for the ransom. So who knows? And my heart goes out to those teams, not just the security teams and the IT teams, but, you know, the food teams, because they're scrambling as well, because how can they trust their processes now, since it's been so? It's almost like a violation. When something happens, like you feel it, like it's nasty, and then you know the security community as a whole is not exactly overly nice.

    25:20

    I mean, the MGM hack has proved that quite vividly, that we like to talk about a lot of things and we don't have any room to say anything because teams are suffering while this is happening and the shame around it and dealing with that like we got hit, we have a problem, we didn't deal with this correctly. You know. Now we have to sit down and sit in it and stew in it and figure out what happened and make sure it doesn't happen again and try to prevent things moving forward. And that's something I love about the defense. The food defense team is you guys. Yep, shame, deal with it. We're moving, it's happening, it's right now and we need to get a mop and figure this out and clean it up and make sure it doesn't happen again. I've never seen any of you sit longer than like a second in it. Yep, that's bad, and we're going to help that person or we're going to move through it.

    26:03 - Megan (Guest)

    I think you bring up a good point because it's and I think we're one of the things in this food defense group right is like share, please share. We're not here to shame you, like, we just want to learn so that we get better as a group and then we can also help influence regulators, right, help them understand what is it that we're going through, because we need that information and if we don't hear of incidents that are happening, then it makes it harder for us to advocate, right? It's like is this event actually going to happen within an organization? Well, there's not really a lot of evidence of it, but I think a lot of things are happening, but people don't want to openly share and we're not as concerned with who it's happening to. It's just, hey, share what's happened and get rid of the information that links it to your company, but people need to hear about it.

    26:52 - Kristin (Host)

    I agree, and that's something that I think the cybersecurity community needs to learn, and I don't know if we're getting any better, but I think we're acknowledging it now, which is probably half the battle in itself. We don't talk about hacks together in groups in larger scale. We talk about it, maybe even with friends like hey, did you hear this? So my friend's dealing with this company, yada, yada. But I think we're so worried about the company image and protecting it because we're underneath an NDA or whatever it ends up happening that we feel, if we talk about it, even in a general term, removing the company name and whatever is associated with it, that we're sort of violating that in a way.

    27:25

    I think we're doing a disservice to our community by not talking about it and we're not going to be any stronger than what we are right now because we can't talk about it. That's why I again, I love working in the food industry because we talk about everything. We don't care Like whatever, what happened, who, what? Okay, fine, great, how could we have done better? Here it is, and that's the conversation, and I love that I'm also brought to that table because, like you said, megan, we need to get these silos broken and the conversations need to flow easily. So people in the cybersecurity community take note. We have to stop that nonsense. We have to stop, we have to start talking to each other and not just oh, did you hear about this company get hacked?

    28:01

    And yeah, CISO is going to get fired? Like, don't do that, it's so bad. Like it's such a bad look, it's really gross. Or I have a security product. If I use this security tool over that, I might have done better. No, shut up.

    28:12 - Megan (Guest)

    It doesn't matter Again.

    28:15 - Kristin (Host)

    These hackers will wait forever. They don't care. They're the most patient people. They'll learn your processes, they'll learn your culture. They'll learn your employees. I've seen it time and time again. It's crazy. Insider threats real. It's not just you know some magic movie thing. It's really happening, megan. You already said it. That could happen. It happens on our watch too. I think that it's so important to combine powers if you will, not to make a Power Rangers reference or whatever I just did, but you know, I think it really is important, because the systems that we look at and the systems you look at are actually probably really similar in some ways. It's detection, right, so, and it's threat detection.

    28:51

    it's best, and I've just mentioned, like access control and things like that, because you're gonna wanna know if a pissed off employee went between, like, an allergen area and a non-allergen area in like a matter of minutes.

    29:01 - Megan (Guest)

    Yeah, does that just happen? Yeah, absolutely, I 100% agree. I think access control is a great thing, but it can also, depending on how your company is addressing it right. Is your system a legacy system or is it the new and the best system, and are you managing it appropriately? Because if you're not, you're still at risk.

    29:21 - Kristin (Host)

    Yeah, it's tough too because a lot of these food companies don't have an infinite budget. They're forecasted really tightly and we all know this in the food industry that there's only a fine item of money, even though they make a lot of money. There's a lot of money moving at all times and a lot of times when they decide to upgrade these systems, it's done so quickly that some things are just not thought of in the process or there's a new process that has to become around it and it's hard. It's hard because, again, you're trying to make miracles with bubble gum and shoestring.

    29:49 - Megan (Guest)

    Yeah, well, and again I think it goes back to that Make sure you have the right people at the table, because a lot of food safety people don't know security, they don't know badge access, they just don't inherently know this information. And so if you don't have a security person at your company, you need to have one and you need to have someone that can help guide you guys in the appropriate manner to protect your people, protect your product.

    30:14 - Kristin (Host)

    It's true, I agree, not just because I'm a cybersecurity person. I just like good food and I want to be healthy and eat things that aren't gonna necessarily make my stomach upset or potentially kill me, and I think it's super important. I also think that having these kind of discussions is really paramount. So, even if you aren't in the food industry as a cybersecurity professional, start making friends, start having these conversations. Most people will talk to you. It's fine. I think that the food industry professionals are super welcoming in general. Unless you're just a complete dick, then obviously you're out, but I think, generally speaking, most people try not to be.

    30:48

    We're gonna close this up in a moment, Megan, but I want to give you a moment to share any closing thoughts or any advice you want to give out to the teams beyond what you already have done. I've really enjoyed this conversation. This has been great.

    30:58 - Megan (Guest)

    I just encourage everybody to be in tuned. Like Kristin was saying, we love that. Everybody as a consumer inherently just trusts the food that we buy. As a consumer, I encourage people to be more educated, but ultimately we believe the food that we buy. You shouldn't have to think is it safer, Is it not? And so make sure that you are doing your part as a consumer. And then I ultimately comes back down to make sure you're educated. If you work in this, in the space right, Make sure you're partnering with the right people and understand where you're going. Right, as you bring in new equipment, do you understand what risks it's bringing in with it? So those are my closing thoughts.

    31:41 - Kristin (Host)

    You know, and you just reminded me too, that we need to start breaking down stereotypes as well. Food professionals are not the way that we used to picture them back in the day. They're not necessarily the auditor standing at the end of the line or whatever you think with a clipboard or some random check coming in for some government body. You know these people are actually doing the job every day. They're standing there and they're making sure that the product that's going out is safe for consuming. And, as security professionals, we're not just these nerds at a keyboard or the hackers in the hoodie with the matrix symbols running around us. We're actually legitimate people who are working inside of these places trying to figure out how to serve the industry they were in or just trying to make sure we get our paycheck, just like anybody else. So it's recognizing that there's a lot of similarities between the two groups and synergy between us and Megan.

    32:26

    Thanks so much for your time. I know that you're a busy lady, so I really do appreciate it, thank you. Thank you for joining us on this enlightening journey into the intersection of food safety and cybersecurity with Megan Francis. As we continue to delve into these critical topics, remember the impact and hard work of professionals like Megan in ensuring our food safety. Stay safe, stay curious and we'll see you on the next episode. Bye for now, thank you.

Previous
Previous

Ep. 006 - Cultivating Heritage: Exploring AI’s Integration in Contemporary Farming with Nelson Estrada

Next
Next

Ep. 004 - Mint Chocolate-Chip Ice Cream, Risks, and Collaboration with Food Safety with James Nasella