Canadian Farm News & Agriculture Real Estate - Farms, Ranches, Land For Sale | Farm Marketer. Best practices to improve your cyber resilience

There was a time when large organizations were the main targets of cyber criminals. Now, things are different.

Small- to medium-sized businesses, as well as individual farmers, face an increasingly diverse array of cyber threats. According to Joel Bouvier, director of cyber security and information technology with FCC, how people prepare for and prevent crises must also change.

Financial and political motivations

Hackers and other cyber criminals can be financially or politically motivated – or both. Politically motivated cybercrime, Bouvier says, is a significant and growing challenge. Because farmers and agricultural businesses are part of Canada’s critical national food and trade infrastructure, the sector faces a higher threat from those trying to disrupt or compromise it.

“The threat landscape facing producers is growing ever wider and more diverse,” Bouvier says. He cites ransomware – software that blocks access to computer systems and demands payment – and phishing – using emails and other messages to trick people into revealing sensitive information – as persistent threats, and ones that perpetrators are finding creative new ways to employ. Phishing messages are commonly sent via email, text messages and voicemail.

“The challenge for small and medium businesses is understanding what’s out there and what practices they can use to protect themselves,” Bouvier says.

Training and crisis management planning

There is a myriad of ways individuals can protect themselves and their businesses against malicious cyber actors.

“Not updating devices, that’s where a lot of vulnerabilities come from. Update regularly and enable multi-factor authentication too,” Bouvier says, referring to the practice of requiring more than one method of account verification when logging in (a password plus text message confirmation, for example).

He adds another easy but often overlooked way to protect yourself is separating everyday use accounts for the family from those used only by administrators. If an attack occurs through an everyday use account, it may not gain access to the core functions of the device and thus can be isolated and managed.

“Take time to learn about phishing – what to look for in a message, what those suspicious indicators are.”

Many small businesses don’t have response plans, but Bouvier says they should consider preparing one. “Prepare for something to happen. Think about when, not if, it will happen. Develop an incident response plan instead of scrambling in the moment.”

Read More