Cybersecurity On The Farm: Your Risk And How To Mitigate It

November 4, 2021 Ohio Soybean Council

Article by Precision Ag Reviews

Agriculture could have a considerable cybersecurity risk, according to Deen Kaplan, a leading international trade and cybersecurity practitioner. The agricultural industry has a significant reliance on technology and is overall behind on the cyber preparation curve.

“Every time you connect with somebody, you create a risk. Not everybody you connect to you are going to know about and not everybody you connect to will have good motives. Now we’ve connected ourselves to the world through the internet,” said Kaplan.

The first step to preventing a cyber-attack is to simply be aware of your own risk.

Once you understand the potential areas of risk, farmers should develop a plan to address the risk and deal with an attack, should one ever happen.

Although a farmer might secure his or her own data, third party management is one significant area of risk. Consider that people who are very protective of their own credit cards are often put at risk because a store or company where they have made a purchase experiences a breach. This is a similar idea. Farmers have third parties that are accessing and using their data, and those third parties put farmers at additional risk.

A second key area of risk is incident preparedness and response.

“Most folks that I work with are big on incident preparedness and response once an incident occurs, but if that’s the point at which you are engaging, you are already a bit behind the curve,” Kaplan said.

The nature of agriculture — guaranteeing the food supply — puts farmers at a larger risk than they might realize. We can learn from other recent gas and food supply attacks that the agriculture industry does have a higher risk than some other industries for cyber-attacks simply from a national security angle. And there is always an insider threat. Farmers may have employees that are not fully vetted with access to data and systems. One ill-positioned employee could open many up to a cyber-attack.

“Walking something out of the building is sometimes a lot easier — including electronically walking something outside the building — than breaking down the barriers to get in,” said Kaplan.

What is a farmer to do?

Kaplan would advise farmers to begin by simply understanding and educating themselves about the risks. Reading this article is a great start! But also read up on the potential for cyber-attacks  and better understand the threats.

Then, speak with your third-party vendors to better understand their security measures. You might also wish to develop a plan for your own response should you find yourself at the mercy of a cyber-attack, and part of that plan could include more thorough vetting of your seasonal or full-time employees.

“If they [cyber criminals] haven’t come already, they are coming. We are a good target that is exploitable, and step one is to realize that. You have to pay attention before and not after,” said Kaplan.