Saskatchewan cybersecurity expert Brennan Schmidt and Ali Dehghantanha of the University of Guelph offered the following tips to prevent a cybersecurity breach, handle an attack and mop up the fallout.
To prevent a breach: Take a comprehensive inventory of all technology and identify the most important and potentially vulnerable pieces.
Use unique, solid passwords, enable multi-factor authentication where possible and consider using a password manager program.
Read Also
Five years and counting: Inside Canada’s seed regulatory overhaul
Canada’s seed rule modernization is finally seeing the end of the tunnel, but not everyone in agriculture is convinced about the changes or that the timeline is good enough.
Limit farm system and sensitive information access to essential personnel.
Educate the team to recognize cyber threats like unauthorized access to feeding systems.
Conduct routine audits and simulations with security specialists and partner with trusted companies with strong cybersecurity measures before sharing data.
Use updated systems and an encrypted Virtual Private Network to separate home and farm business access. Keep the farm network inaccessible to guests and suppliers.
Engage with cybersecurity professionals for assistance and use automated and remote monitoring systems.
Always back up information to external drives with no internet access and secure clouds and maintain detailed records of communications/transactions to identify discrepancies. Schmidt added that storing an external hard drive in a separate location, away from the farm, can keep information safe in case of an emergency such as a flood or fire.
During a breach: Remain calm and immediately report the incident to your cybersecurity service provider. It will advise on next steps.
Attempt to determine the scope and impact of the breach.
Do not negotiate with hackers directly. Leave that to professionals, who will negotiate for lower ransoms if necessary.
Never pay a digital currency ransom with your virtual wallet. Let the professionals handle that if payment is necessary.
After a breach: Monitor all systems to ensure they are safe and meet security standards.
Identify and address system vulnerabilities to stave off future breaches.
The evolution of cybersecurity is ongoing; keep up to date on current threats and educate employees on changes.
