How Agriculture is Navigating Cybersecurity Challenges

A recent panel discussion at AgSafe‘s ACTIVATE24 conference brought together a unique group of thought leaders who shared key insights about how the agriculture industry is navigating cybersecurity challenges.

Panelists included:

• Greg Gatzke, ZAG’s president and CEO.
• Jennifer Wilson, a seasoned cybersecurity expert from Newfront Insurance, shared her extensive knowledge and experience in mitigating cyber risks across various industries, including agriculture.
• Carolyn Ryan of Mullen Coughlin. Carolyn navigates the legal intricacies of cybersecurity preparedness and response for her clients.

This post summarizes the key takeaways from Greg, Jennifer, and Carolyn’s session.

Navigating Cybersecurity Challenges

The panel underscored the urgent and severe nature of cybersecurity threats, including ransomware attacks and disruptions caused by ‘chaos creators,’ who strategically aim to disrupt organizations during their busiest seasons.

Cybercriminals are more sophisticated and aggressive than ever, leading Wilson to stress the importance of communicating with internal and external parties when a breach occurs. She continued, “Companies need to know ahead of time if they will pay a ransom.”

Gatzke added, “And there is no guarantee that if you pay, they’ll give you the keys.” Wilson agreed.

She then recounted a recent story of a client who had customer and employee personal identifiable information (PII) stolen. While the client deliberated paying the ransom demand, the threat actors called their customers and told them, “We have your PII. Tell them to pay the ransom, or we will sell your confidential information to third parties.”

Current Threats

The panelists expressed deep concern about the increasing prevalence of business email compromise, wire transfer fraud, and ransomware, now top cybersecurity threats across all industries, including agriculture.

Apple reports (PDF) that in just the first nine months of 2023, data breaches in the US had already increased by nearly 20% over 2022. Gatzke emphasized the crucial nature of proactive defense measures, highlighting the prevalence of phishing attacks and social engineering tactics targeting agricultural organizations.

Next Steps

The panel provided valuable perspectives on prevalent risks facing growers and distributors and actionable steps to fortify cyber resilience and prepare for a breach.

Throughout the discussion, several overarching themes emerged, providing valuable guidance for how the agriculture industry can think about navigating cybersecurity challenges:

1. Risk Awareness and Assessment
2. Legal Compliance and Preparedness
3. Insurance Coverage and Risk Mitigation
4. Collaborative Defense Strategies
5. IT Resilience and Recovery

Close and Lock the Door

Most cybercriminals don’t need to hack into your systems. They’re often let in.

Accidental clicks on malicious links and inadequate email security measures leave organizations susceptible to phishing attacks and email compromise. Other network infrastructure weaknesses, such as open ports and unpatched systems, present additional entry points for cyber threats to infiltrate agricultural networks and systems.

In addition to encrypting and stealing data and sensitive information, commonly known as double extortion, cybercriminals have recently introduced triple extortion. This involves launching an attack that forces a website, computer, or online service to go offline by flooding it with internet traffic and preventing users from connecting. Ryan shared a sobering statistic, “We’ve seen triple extortions increase 15% to 20% from the previous year.”

Knowledge is Power

Wilson and Gatzke also stressed the importance of conducting regular and comprehensive cyber risk assessments to identify gaps and assess the effectiveness of existing cybersecurity measures. Cyber risk assessments can help organizations comply with industry and government regulations and standards.

While running cyber risk assessments is crucial, the group agreed that raising awareness among all internal and external stakeholders about potential risks is also vital. The interconnectedness of ag today warrants this awareness.

Continuing training programs, workshops, and informational campaigns can help educate end-users about current and new cyber threats. Ryan added, “We also need to train users on the importance of and process for reporting suspected threats to IT.”

Check the Rulebook

Ensuring compliance with relevant laws and regulations is paramount to safeguarding sensitive data and maintaining the trust of customers and stakeholders. For example, organizations are subject to regulations like the California Consumer Privacy Act (CCPA).

Additionally, agribusinesses must consider industry-specific rules, such as the developing USDA Agricultural Marketing Service (AMS) cyber rules outlined in the GIAC Cyber Security Discussion Paper.

Compliance with these regulations may involve implementing encryption protocols, access controls, and data breach response procedures. Preparedness for cybersecurity incidents is crucial to business operations and mitigating potential legal and financial liabilities. Firms such as Mullen Coughlin specialize in these laws and regulations.

Insurance Mitigates Risk

Wilson then spoke about cyber insurance’s role in protecting agriculture businesses against a cyberattack’s potentially significant financial and operational impact. She noted that the right policy is tailored specifically for the agriculture sector and can provide coverage for a range of cyber risks, including some of the most common, such as:

• Data breaches
• Ransomware attacks
• Business email compromise
• Wire transfer fraud
• Supply chain disruptions

These policies typically offer financial protection against expenses related to data recovery, legal liabilities, regulatory fines, and business interruption costs. “Be sure your policy includes cybercrime and has adequate insurance limits, with at least $3 million,” Wilson recommended.

By combining robust insurance coverage with proactive risk mitigation efforts, agricultural businesses can enhance their resilience to cyber threats and minimize the potential for financial losses and reputational damage.

Collaborative Defense Strategies

Agricultural businesses can empower themselves by leveraging collective intelligence and resources to bolster their defense against cyberattacks. By fostering collaboration among internal stakeholders, external partners, and industry peers, they can actively contribute to strengthening the industry’s collective resilience.

Internally, collaboration involves aligning various departments within an agricultural organization, such as IT, operations, and management, to work together toward common cybersecurity goals.

Internal collaboration includes:

• Promoting employee awareness of cyber threats.
• Establishing clear communication channels for reporting potential incidents.
• Implementing consistent cybersecurity protocols and practices across the organization.

By fostering collaboration with suppliers, vendors, and other external stakeholders, agricultural businesses can enhance their cybersecurity posture and mitigate shared risks, strengthening the industry’s collective resilience.

“The past year alone has seen an increase of about 15% to 20% in third-party breaches from the previous year,” Ryan commented. You needn’t only think about your systems and the cybersecurity measures implemented in the companies you conduct business with.”

IT Response and Recovery

Incident response planning and recovery are vital aspects of cybersecurity preparedness. In agriculture, where downtime directly impacts crop yields and supply chain logistics, they are crucial for minimizing losses and maintaining certainty of supply.

Ryan emphasized the need for swift action in a cyber incident, advocating for immediate engagement with legal counsel and a breach response team (such as ZAG) to mitigate potential liabilities and regulatory repercussions.

Recovery strategies incorporate swift response protocols that outline procedures for detecting, containing, responding, and efficiently recovering from cyberattacks or data breaches. Gatzke and Ryan want companies to ensure their plans have the following:

• Detailed incident response plans, including clear communication channels
• Designated response teams
• Predefined recovery procedures
• Tabletop exercises to simulate breach scenarios

Promptly identifying and containing cyber threats and swiftly restoring affected systems and data, mitigate the impact of cyber incidents, and allow normal operations to resume with minimal disruption.

Gatzke said, “Our goal is to have our clients’ crucial systems back online and operational within 24 hours. It’s a challenge and huge undertaking, but it can be done for an organization whose digital infrastructure is well protected and whose teams are well prepared.”

Final Thoughts About Navigating Cybersecurity Challenges

As the agriculture industry continues to embrace digital transformation, proactive cybersecurity measures are paramount to safeguarding technology and data in the field and office, preserving consumer trust, and ensuring operational resilience in the face of evolving cyber threats.

By adopting a proactive mindset and leveraging insights from industry thought leaders, agricultural enterprises can be more confident navigating cybersecurity challenges and the complexities of the digital landscape with confidence and resilience.

The panel closed with one crucial piece of advice. In a breach, an organization should first mobilize a team of professionals specializing in response and recovery for agriculture.