Editor's Note: DTN/Progressive Farmer recently posted a special series called Cybersecurity and Ag to examine the threat cyberattackers pose to agriculture and explore what farmers, ranchers and agribusinesses can do to protect themselves against these high-tech criminals. This is the fifth story in the series.
Chief Information Security Officer and Vice President of IT Security for CHS Sarah Engstrom provides practical steps anyone can take to help safeguard their information and stymie hackers.
1. EMPLOYEE MAIL. Email scams are rampant and are a primary way hackers access data. Email traditionally is "single factor" entry, meaning username and password are all that was required to let the user in. A SAFER WAY is to use multi-factor authentication utilizing authenticator apps through cellphones or other devices.
2. DEVICE HYGIENE. System updates are often released to patch a security issue. The old way was to set it and forget it when it came to technology. A SAFER WAY is to make updates as they come available. This is known as "patching." When a system is old and no longer updates its major operating systems, consider replacing the device.
3. BUSINESS OWNERS NEED IT UPDATES. Assuming your data and connections are secure is a mistake in today's environment. A SAFER WAY is to have a conversation monthly or quarterly with your organization's IT team, or any third-party entities you share data with. Ask if they are spending to secure their platforms, whether they have been hacked, and what they have in place to combat future threats.
4. RETHINK INSURANCE. Insurance isn't just for your house and car anymore. More and more claims are being filed with insurance companies over cyberattacks and the damage related to them; in some cases, insurers refuse to indemnify for these losses. A SAFER WAY is for business owners to talk to insurance providers and know if they are covered for losses in the event they are hacked. Those who find they are not covered for this kind of loss should investigate coverage that will cover damages.
5. INCIDENT RESPONSE TEAMS. Incident response companies are called in, usually prior to paying any type of ransom, to assess a hacking situation. Sometimes cybercriminals will claim they stole data when they did not take anything of importance. Maybe the whole thing is a bluff, or enough redundancies are built in to make a workaround feasible. Incident response firms are overwhelmed due to the escalating number of cyberattacks. They prioritize customers with existing contractual relationships. A SAFER WAY is to talk to your insurer about incident response firms they use and would recommend. Look into the cost of a contract with one of those firms for faster response in the event you are hacked.
Next in the series: Threats hackers posed to precision agriculture were identified in 2018.
You can find earlier stories in this series at:
-- Cybersecurity and Ag - 4
Precision Ag Companies Strive for Cybersecurity, but Hacking Threat Remains
-- Cybersecurity and Ag - 3
Is Uncle Sam Asleep on the Cybersecurity Job?
-- Cybersecurity and Ag - 2
Ag Corporations Prepare for Battle Against Hackers
-- Cybersecurity and Ag - 1
Cybercriminals Take Aim at America's Food Supply
Victoria Myers can be reached at firstname.lastname@example.org
Follow her on Twitter @myersPF
(c) Copyright 2021 DTN, LLC. All rights reserved.