A couple of weeks ago I moderated a panel at EMILI’s annual Agriculture Enlightened conference focused on cybersecurity. I was joined on the panel by Marty Fisher, President of Sherpa Marketing, Janos Botschner from the Community Safety Knowledge Alliance (CSKA Canada) and Ritesh Kotak, a cybersecurity professional and tech media commentator.
Cybersecurity is of growing importance for agriculture and food businesses, due to the increasing use of digital network connected tools, both on-farm and in the supply chain. I’m by no means an expert on the topic, so moderating the panel was a great way to learn.
The panel discussion started with Marty reflecting on his experience of a recent cyber security incident at his firm. Marty was able to bring us inside their preparations and what his team went through to get through the recovery process. I want to thank Marty for his willingness to share his story. Cyber security incidents are all too common, and it is rare that someone is willing to talk openly about their experience of this reality.
Three ways to improve cybersecurity readiness
Our discussion wasn’t all doom and gloom though. Looking at what needs to be done to improve the overall cybersecurity readiness of the Canadian agri-food sector a few things stuck with me:
- Businesses can make a great start by developing the skill and capabilities of their people, rather than spending big on new technology out of the gate. The day-to-day practices people use on the job are a major source of vulnerabilities, so improvements here can yield substantial gains and are the foundation for additional downstream actions.
- Business owners, especially small businesses owners, don’t have to do this alone. There is a wide range of resources available and cybersecurity professionals who are ready to help. That’s not to mention the potential role of peer-to-peer support – learning from people in your network who are further along and are willing to share their experience.
- Planning is key and can build on existing risk management capability. Working out how you would respond in advance of an incident is critical to getting it right when the pressure is on. Think about it – we have all practiced fire drills for years to be ready and calm in the event of an actual fire. Why not use a similar approach in the context of cybersecurity? And much of this preparation work links up with existing risk management skills that are already well developed within the farming and food sector.
Thanks again to Marty for sharing his experience, and to Janos and Ritesh for sharing their expertise.
So, while there is a lot of work to do in this area, I’m optimistic that the agri-food sector will be able to meet the challenge. This is important as managing these risks will underpin successful adoption and integration of new digital technologies to advance the sector.
Janos and Ritesh mentioned some great (and free!) online resources relevant to growers, or other small-business owners, that I wanted to share:
Just Tech – Ritesh and two colleagues built this free tool to help small business owners by simplifying and providing a one-stop shop for privacy breach reporting. The tools include cyber policies, an automated PIPEDA form generator and cybersecurity course.
CSKA Canada – Overview of Cybersecurity in Agriculture – Janos leads a project at CSKA funded by Public Safety Canada, focusing on understanding, and building, cyber security capacity in the Canadian agri-food sector. This is a great overview and starting point for anyone interested in the topic!
Jump over to the LinkedIn version of this post to add your voice to the discussion!
Written by Dan Lussier, Project Manager, Agri-food data