In previous articles published in Food Safety Magazine,^1,2,3 the authors urged the food protection community to break out of its siloed monitoring habits and adopt an integrated, AI-ready, One Health biosurveillance network. This article explores some next steps. It argues that the fastest path to such a network is to expand the mission of the Bioeconomy Information Sharing and Analysis Center (BIO-ISAC) and to increase cross-coordination with aligned critical infrastructure-specific ISACs, federal and state agencies, analysts, and industry.

BIO-ISAC is a 501(c)(3) founded in 2021 to "advance cybersecurity resilience within the life sciences—including efforts in AI, biotechnology, biomanufacturing, and the broader bioeconomy." BIO-ISAC offers confidential information-sharing, coordinated vulnerability disclosure, tools and guides for cyberbiosecurity, and workforce development. Its membership spans agriculture, biology, medical devices, and national security researchers—exactly the cross-sector coalition that One Health biosurveillance requires.⁴

By contrast, the Food and Ag-ISAC grew out of an IT-ISAC special interest group created in 2013. True to those roots, it delivers adversary attack playbooks, incident response alerts, and a Splunk-based indicator-sharing platform to help food and agriculture companies detect cyberattacks against their enterprise IT systems. That capability should be preserved and strengthened.⁵

What the sector lacks is not another ISAC but a biosurveillance augmentation of BIO-ISAC—an iteration able to ingest soil moisture probe data, wastewater qPCR reads, drone hyperspectral imagery, whole genome sequences, and other sensor data and then fuse them using AI tools to warn the food system of emerging biological threats. By borrowing the lessons ISACs learned from firewalls and log files, we can build an early warning backbone for biology. The remainder of this article maps the risk landscape, the technical requirements, and the policy steps needed to make that evolution real.

Why the Time is Now—A Changing Risk Environment

The food system's biological risk profile is accelerating on multiple fronts. In early 2024, highly pathogenic avian influenza (HPAI) H5N1 leapt from birds into U.S. dairy cattle, crossed state lines, and infected a dairy worker, all within 12 months.⁶ Records from the Centers for Disease Control and Prevention (CDC) and the U.S. Department of Agriculture (USDA) show more than 200 mammalian H5N1 detections since 2022.⁷ The episode affirmed what climate scientists and epidemiologists have warned: warming temperatures, shifting wildlife ranges, and densely networked supply chains give pathogens a speed advantage that humans lack.

In response to this event, BIO-ISAC coordinated early-stage information from agriculture industry partners, evaluated related cyber risks related to this advancement of H5N1, connected with Healthcare Ready, and coordinated close-hold briefings for appropriate agencies and industry on expected risks.

While we can now sequence a Salmonella genome in 30 hours, we still lack a trusted conduit to push that signal across the wider food safety community. For example, the Food and Ag-ISAC excels at sharing cyber indicators such as MITRE ATT&CK-based playbooks, real-time IoCs, and Splunk feeds for large multinational companies in the sector, but it does not collect and analyze soil chemistry, qPCR wastewater reads, or remote sensing data.

BIO-ISAC excels at traditional biosecurity information sharing with government partners such as the National Security Council and the Office of Science and Technology Policy in the White House, various law enforcement agencies, and others. It also conducts cybersecurity research and provides sector briefings on the equipment, instruments, data, and tools connected in the biotechnology and biomanufacturing environments that deliver, produce, and prepare everything from apples to vaccines. However, BIO-ISAC lacks access to a comprehensive biological sensor network that would provide real-time biosecurity information, similar to the traditional cybersecurity sensors it does access.

A comprehensive biosurveillance system that includes the analysis of biological specimens, data mapping, and inputs from the related cyber-connected systems demands the expertise of BIO-ISAC. The tools exist, the threats are here, and BIO-ISAC has the legal shell, mission overlap, and stakeholder trust to absorb a new biosurveillance mandate. Harnessing that momentum will close the strategic blind spot that today leaves food safety professionals reacting to outbreaks rather than pre-empting them.

Core Capabilities of a Biosurveillance-Enhanced BIO-ISAC

Transforming BIO-ISAC into a fully capable biosurveillance exchange does not require wholesale reinvention. Rather, it needs targeted augmentation. Some initial efforts might include:

• Environmental and Agricultural Sensor Integration

  • Ground-level sensors: soil moisture probes, air quality monitors, pH and nitrate sensors, animal-wearable diagnostics
  • Facility-based sensors: qPCR wastewater sampling, HVAC biosampling in food processing, hyperspectral pathogen detection
  • Aerial/satellite sensors: plant stress detection by drones at low levels, remote sensing of animal or vegetative anomalies by assets in orbit.
• Genomic and Volatilome Surveillance
  • Whole genome sequencing (WGS) for pathogen tracing and outbreak detection⁸
  • Volatilome sensing for early indicators of plant and animal disease²
  • Microbiome monitoring for soil and environmental anomaly detection.

• AI-Driven Data Fusion and Risk Scoring

  • Machine learning for baselining and anomaly detection.
  • Dashboards tailored to producers, regulators, and researchers.
  • Human-in-the-loop validation.

At a higher level, requirements for the use and training of AI models with biological data are needed, and the integrity of the data, model, and its future iterations must be defended.⁹ For example, the inclusion of pathogen analysis in AI training sets would require that all data derived from those findings meet standard regulatory and/or laboratory handling and processing requirements. In this way, data related to "Pathogen X" is confirmed to be based upon the definitive proof that "X is X." In addition, data used to train the AI model must be stored and processed in accordance with prescribed industry and government standards for cybersecurity, information integrity, and cognitive security, to reduce errors and AI hallucinations. Disseminated findings and recommendations to BIO-ISAC constituencies would also be subject to these strict data handling requirements.

“Biological threats demand proactive domain awareness, just as cyber threats do.”

The One Health Framework—Integrating Silos

One Health highlights the interconnectedness of human, animal, plant, and environmental health. BIO-ISAC's diverse membership makes it an ideal integrator, bridging silos across:

• Public health, emergency response, and enforcement agencies
• Veterinary networks
• Environmental monitoring bodies
• Food producers and processors
• Genomic and aligned biotechnology labs
• AI platforms.

By acting as a signal integrator rather than a regulator, BIO-ISAC can ensure early warning signs are not overlooked or dismissed simply because they fall outside a specific sector's purview.

The 2024–2025 H5N1 dairy outbreak showed how misinformation can spread faster than a pathogen.³ An enhanced BIO-ISAC can also serve a critical role in:

• Pre-staging messaging templates
• Training on crisis communication and misinformation management
• Monitoring social narratives and adjusting communications accordingly
• Translating technical data into accessible language.

As ISACs have shown, clear, coordinated messaging can help prevent confusion and maintain public trust in times of biological uncertainty. During known vulnerability efforts since 2021, BIO-ISAC has delivered publicly available key verification, training, policy guides, and expert support.

For a biosurveillance-enabled BIO-ISAC to succeed, it must adhere to principles of trust and transparency:

• Neutrality and Trust: Maintain BIO-ISAC's role as a neutral convener
• Legal Protections: Adapt existing laws like the Protected Critical Infrastructure Information (PCII) Program¹⁰ and the Cybersecurity Information Sharing Act (CISA) of 2015¹¹ to safeguard biosurveillance data
• Tiered Access and Anonymization: Implement role-based data sharing with strong anonymization protocols
• Coordination with Agencies: Develop clear MOUs and escalation protocols with USDA, the Food and Drug Administration (FDA), CDC, and state agencies
• A Roadmap for Implementation: From pilot to platform.

To enable these suggested enhancements to BIO-ISAC, we suggest the following roadmap:

• Phase 1: Convene stakeholders and define scope
• Phase 2: Launch biosurveillance pilot projects in high-risk sectors
• Phase 3: Build data-sharing infrastructure with AI analytics
• Phase 4: Formalize coordination with regulatory and public health bodies
• Phase 5: Conduct simulations and continuous improvement exercises.

This phased approach ensures that BIO-ISAC evolves responsibly, delivering early value while building the trust and capacity required for sector-wide adoption.

You Cannot Defend What You Are Not Aware Of

Biological threats demand proactive domain awareness, just as cyber threats do. The technology, expertise, and stakeholder networks already exist. BIO-ISAC is perfectly positioned to become the biosurveillance hub the food system needs, complementing the mission of the Food and Ag-ISAC rather than competing with it.

By expanding BIO-ISAC's mission now, the food protection community can seize the initiative—sharing insights early, responding faster, and protecting public health before the next biological crisis takes hold.

Notes

• The data referred to in this article was obtained using private sector analytical services and databases made available to the authors. The authors sincerely thank those responsible for the analysis.
• Data obtained from private sector sources.

References

1. Norton, R.A., M. Sachs, and C.A. Young. "A Future View of AI-Enhanced Biosurveillance." Food Safety Magazine. December 2023/January 2024. https://www.food-safety.com/articles/9110.
2. Norton, R.A., M. Sachs, and C.A. Young. "Two Tools for One Health and Biosurveillance." Food Safety Magazine. June/July 2024. https://www.food-safety.com/articles/9590.
3. Norton, R.A., C.A. Young, D. Gerstein, and M. Sachs. "Avian Influenza: Food Safety Messaging and Biosurveillance." Food Safety Magazine. August/September 2024. https://www.food-safety.com/articles/9675.
4. Bioeconomy Information Sharing and Analysis Center. "About Us." 2025. https://www.isac.bio/about.
5. Food and Ag-ISAC. "What We Do." 2025. https://www.foodandag-isac.org/what-we-do.
6. Centers for Disease Control and Prevention. "H5 Bird Flu: Current Situation." August 1, 2025. https://www.cdc.gov/bird-flu/situation-summary/index.html.
7. U.S. Department of Agriculture, Animal and Plant Health Inspection Service. "Detections of Highly Pathogenic Avian Influenza in Mammals." August 13, 2025. https://www.aphis.usda.gov/livestock-poultry-disease/avian/avian-influenza/hpai-detections/mammals.
8. Centers for Disease Control and Prevention. "About Whole Genome Sequencing." January 8, 2024. https://www.cdc.gov/pulsenet/php/wgs/.
9. BIO-ISAC. "Artificial Intelligence Recommendations for Bio." March 15, 2025. https://www.isac.bio/post/airecommendations.
10. U.S. Department of Homeland Security. "Protected Critical Infrastructure Information (PCII) Program." 2025. https://www.dhs.gov/pcii.
11. Cybersecurity Information Sharing Act of 2015. Public Law No. 114–113, 129 Stat. 2242. 2015.