Suenita Mackay delivered a compelling and eye-opening session on the growing importance of food defence, the protection of food and food systems from intentional adulteration or malicious contamination. She emphasised that while the concept has existed for years under broader “Food Security” umbrellas, today’s complex threat landscape has made food defence a mandatory, strategic and non-negotiable component of a robust food safety culture.

Mackay explained that international standards, including Codex and ISO 22000, now explicitly position food defence as a required Prerequisite Programme (PRP), on par with sanitation, food fraud prevention, and core food safety controls. Its purpose is not only to protect consumers but also to safeguard business continuity, brand integrity, and organisational resilience.

Building the framework: Thinking like a criminal
To develop an effective food defence plan, Mackay underscored the need to adopt a criminal mindset. This approach helps organisations anticipate vulnerabilities and attack pathways before they can be exploited. Key questions guide this risk-based assessment:
• Who might want to cause harm? (Disgruntled staff, competitors, extremists, activists)
• What methods or tools could they use?
• Which products or processes pose the highest risk or greatest impact?
• What controls currently exist—and where are the gaps?

She highlighted that the modern threat landscape also includes espionage, theft of intellectual property, weak physical security, insufficient IT protections, and unmonitored access points that function as “open gateways.” A strong food defence plan requires a multidisciplinary team, including HR, IT, security, production, and facilities, to ensure all potential threat avenues are covered.

Tools, methodologies, and structured threat assessment
While food defence principles mirror HACCP, Mackay stressed that specialised methodologies exist to guide formal threat assessments, including:
• TACCP (Threat Assessment Critical Control Points)
• CARVER+Shock – adapted from pharmaceutical security approaches
• FDA Food Defence Plan Builder – a free tool that generates structured assessments

These tools help organisations assess the motivation, capability, and opportunity of potential attackers, ultimately informing targeted controls and mitigation strategies.

Real-Life incidents: Why food defence cannot be optional
Mackay illustrated the urgency of food defence with real cases from industry: • Disgruntled employee sabotage — including a 2014 U.S. case where bleach was added to a tanker, detected only because of strong internal controls.
• Workplace security failures — such as an employee bringing a weapon onto site, revealing lapses in staff screening.
• Fraud by outsiders and contractors — from fake government officials stealing product to contractors removing inventory and truck parts, reinforcing that third-party access is a major vulnerability.
• Deliberate contamination leading to national crises — as seen in the Brisbane strawberry needle contamination incident, which triggered widespread recalls and global copycat acts.
• Cyber extortion — including a case where attackers locked a company out of its operational systems, leading to days of lost production despite having backups.

These incidents demonstrate how intentional contamination or malicious attacks can escalate quickly, cause severe economic loss, damage brand trust, and endanger consumers.

Core principles of a resilient food defence system
Mackay outlined a continuous improvement cycle built around:
1. Assessment
2. Preventive Controls
3. Monitoring & Detection
4. Response
5. Recovery

She highlighted four critical vulnerability assessment categories:
• People — Staff, contractors, temporary workers, and visitors, who may pose insider risks.
• Materials — Safeguarding raw materials, inventory, and storage.
• Equipment & Systems — Protecting machinery, recipes, formulations, and digital operating systems from malicious manipulation.
• Facilities & Premises — Ensuring controlled access, preventing tailgating, and eliminating behaviours that bypass secure entry (like propping open doors).

A structured scoring of likelihood and impact enables businesses to prioritise resources and strengthen areas of highest concern.

Conclusion
Mackay concluded by reminding attendees that food defence is no longer optional. As threats evolve, businesses must invest in thorough prevention strategies, integrated security systems, multi-department collaboration, and continuous monitoring. A resilient food defence framework not only protects consumers but builds long-term trust, operational stability, and brand protection in an increasingly unpredictable world.