How’s Your Cyber Security?

  • Agribusiness
  • 9/26/2021

Your farm business is subject to Cyber attacks and the attackers continue to be very aggressive. We review several steps you can take to prevent these attacks.

Many of you have probably read or heard about the Cyber security attacks on a couple of cooperatives in the Midwest.  Ransomware appears to have been paid in each attack.

If your business has any dealings via the internet you are subject to attacks.

We hope you have been conducting regular penetration/spear phishing testing and have implemented IT security plans and protocols.  A list of items to consider/check/implement immediately within your systems (if not already done):

• Air-gap the backup media
• Implement egress monitoring
• Remove local administrator from end user community
• Consider application whitelisting
• Update security patches
• Change passwords and use multi-factor authentication on cloud services and VPN.
• Conduct external penetration testing

Other comments focused on incident response preparedness as, unfortunately, data breaches can still occur despite implementing all the best security precautions.  Recommendation are:
• Develop an incident response plan
1. Include the appropriate procedures
2. Ensure points of contact are included
3. Keep the plan update to date
• Establish relationships with key incident responders
1. Breach Counsel
2. Forensic provider
3. Public relations
• Practice the Plan
1. Like all emergency procedures, they need to be practiced
2. Tabletop exercises- simulations where participants walk through the incident and response procedures
3. Penetration testing
4. Spear phishing tests

We hope you have been following the news and have proactively developed, tested and practiced your IT security plans. If so, please take time to review them again in light of what is happening. If not, now is the time to take action. We have a series of webinars on Cybersecurity in the next month.

Whether you use the resources we have here at CLA or not, the important thing is to take action to protect your information and organization from cyber and ransomware attacks. The cost of doing nothing is higher than ever.

 

This blog contains general information and does not constitute the rendering of legal, accounting, investment, tax, or other professional services. Consult with your advisors regarding the applicability of this content to your specific circumstances.

Experience the CLA Promise


Subscribe