A new year often means new priorities. As you evaluate your plans for 2023, make sure protecting your business from cyberattacks is one of them.
It’s easy to think of cybercrime as something that happens to other people in other companies, but it’s not limited to specific industries like finance. This is especially true as more businesses increase their reliance on technology and more of their operations and devices are connected to the internet. In the horticulture industry we see several examples of greenhouses using new technologies to improve standards – from growing and harvesting efficiency to customer communication.
However, more networked processes and online services can entail additional risks. In fact, just last year, the FBI warned farming entrepreneurs about the rise in cyberattacks.
So what can you do to protect your business? Let’s take a closer look.
Types of Cyber Risks
Agricultural producers looking for the best ways to deal with ongoing labor problems
Before you can take steps to protect your business, it helps to understand the types of cyber risks that exist and how hackers can gain access to sensitive information.
- ransomware: Ransomware is malicious software that restricts access to files – usually through encryption. Cyber criminals can threaten to delete the data, share it publicly, or leave it encrypted if the victim doesn’t pay the ransom. Since any device that connects to the internet can be affected by ransomware, this type of attack has quickly become one of the top threats facing growers.
- phishing: Phishing occurs when cybercriminals send fraudulent emails or messages—usually disguised as legitimate communications—to obtain personal information, money, or access to a device. Often the messages are written to give the reader a sense of urgency to click a link or send information. Phishing puts your organization’s data security at risk and can later lead to more costly ransomware attacks.
- Fraudulent impersonation: Fraudulent impersonation occurs when a cyber attacker impersonates someone – such as an authority figure or vendor – to obtain data or money from your organization. The scam can begin with a phone call, email, text message, or any other form of communication. Many attacks occur when well-meaning employees receive an invoice from a fraudulent provider and transfer money into the criminal’s bank account.
Any of the above risks could disrupt your operations and expose confidential data. The good news is that there are several inexpensive steps you can take to reduce the risk and impact of a potential cyberattack. Here’s how to get started.
Reduce the risk of human error
When you think about the causes of a data breach, you might think of hackers or outdated technology. And while these factors can pose a threat to your business, human error often plays a significant role. In most cases, cyber infections can be traced back to someone clicking on something they shouldn’t.
Train your employees in cybersecurity immediately upon hire and at least annually thereafter. Your team is often the first line of defense against cyber threats as they interact with your greenhouse systems and technology.
Help your employees identify suspicious activity and teach them how to manage the company’s IT equipment. A clear set of guidelines should be available for everyone to follow if someone suspects a security threat. Armed with the right skills and knowledge, your people can identify potential risks and take precautions before a threat becomes a breach.
Assess and strengthen your technology
On my earlier point, the technology you use can open your greenhouse to additional vulnerabilities. When speaking to growers, I often encourage them to have their hardware and software systems checked for strong encryption and authorization protocols by a local security expert.
If you plan to phase out old technology, first transfer and delete all sensitive data from the system. This can help keep your critical data from falling into the wrong hands. It’s also important to lock laptops and other devices when not in use in your facility to prevent unauthorized access. With the technology in place, remember to update your software and operating systems regularly. These updates can include patches and security fixes to keep you one step ahead of potential cyber risks.
And while we’ve all heard similar advice before, don’t overlook the value of strong passwords. Encourage your employees to create long, unique passwords using a variety of characters, numbers, and symbols. To support this, you should consider requiring regular password resets on all company devices you provision. Sometimes the simplest steps can offer the strongest protection.
Back up your critical data
While prevention is a top priority, we’ve seen cyberattacks evolve over the years. Because of this, backing up your data is among the most effective ways to ensure you can recover and recover information after an incident. Store local copies of all data essential to running your business.
Consider cyber insurance
Even if you take every precaution, mistakes happen, and when they do, the results can be costly. Cyber insurance can help financially protect your business from damage caused by a cyber attack. It helps protect your business from liability claims against others and can reimburse you for costs related to a data breach – these could include:
- computer specialists
- Legal advice
- Public relations expenses
- notification costs
- Credit Monitoring Services
It’s also worth noting that if you have cyber liability insurance, your insurer may offer additional online resources you can use to educate your employees. This allows you to fully utilize your cover and sensitize your team to reduce the risk of losses.
Help is available
Do not wait. A data breach in your organization can result in stolen data, high costs and permanent damage to your reputation.
If you have cyber liability insurance, your insurance provider can help cover losses if sensitive data is compromised in your organization. They can also provide information and resources to help you avoid losses before they happen.
Hopefully the steps I’ve shared in this article will help you thoroughly reconcile your plans for 2023, but they shouldn’t replace the conversations you should have with your insurance carrier or agent. Your insurer can help provide more specific advice and support you with policy updates. Please email me if you have any questions. I am glad to help. And a Happy New Year!
Cybersecurity: A Guide to Greenhouse Cybersecurity