Subscribe to our blog for all the latest news, updates, and events from MMA and our partners
Subscribe
On March 15th, 2022, President Joe Biden and the US Government passed new legislation to strengthen the Department of Justice (DOJ) Cybersecurity and Infrastructure Security Agency (CISA) position by requiring the reporting of all cyber incidents or ransomware payments. This legislation underscores the importance of cyber insurance for agribusiness, as the food and agriculture industry is classified as a critical infrastructure sector that must enhance its cybersecurity measures. The Cyber Incident Reporting for Critical Infrastructure Act aims to protect these vital sectors from increasing cyber threats.
The food and agriculture industry is classified as a critical infrastructure sector by the Cybersecurity and Infrastructure Security Agency (CISA). However, this sector of critical infrastructure has historically not placed as much emphasis on cybersecurity as other critical sectors. Ensuring the safety and functionality of the agriculture industry is crucial. This includes implementing a cyber security program that is resilient, especially with the increased use of technology within the agriculture space.
Agribusiness makes an attractive target for cyber attackers. Increased usage and reliance on technology in critical business processes has increased the cyber-attack surface of agribusinesses significantly. There are more entry points into the organization, and once access is gained, attacks can be severe. The reliance on technology as well as the time-sensitive nature of planting, harvesting, and transporting commodities means a shutdown or disruption can be devastating. Due to complex and tightly efficient supply chains, an attack against one organization can have a large ripple effect on those downstream. An attack against one organization can have a greater impact on food supply of communities or even the nation at large, also providing an incentive for foreign adversaries to target agribusiness in the U.S.
A technique used by hackers to manipulate and deceive people into revealing sensitive information or performing actions they would not normally do. This could include clicking malicious link or downloading malicious files to gain initial access to further attack. This could even lead to the transferring money as a direct result of fraudulent instructions given by someone impersonating a trusted business partner like a vendor or employee. Social engineering is carried out via email, phone, or text.
A type of malicious software that hackers use to block access to a computer system or files until a ransom is paid. Ransomware holds your files or systems hostage until you pay the attackers to release them. They will often threaten to leak sensitive data if the ransom is not paid.
When unauthorized individuals gain access to sensitive or confidential information such as social security numbers, credit card details, or intellectual property.
Explore cyber insurance for agribusiness options.
Social engineering is becoming extremely sophisticated with the introduction of tools such as AI. Being able to tailor emails specifically to a target or even impersonate the voice of someone trusted in convincing you to wire money to them poses a significant risk across industries.
The agribusiness sector is an attractive ransomware target due to the critical nature that agribusiness plays as well as the time-sensitive nature of business operations. This coupled with the historical lack of planning around what to do in a cyber event creates increased desperation in the time of a ransomware attack. This means organizations are more likely to pay a ransom to get back up and running quickly to avoid revenue loss. Paid ransoms (up to millions of dollars) coupled with costs of investigation into the cyber event, any regulatory fines, legal defense costs, and costs involved in restoring damaged systems adds up quickly.
Data breaches around customer or employee data stored can also lead to steep costs. There is the cost of investigation into the cyber event, any regulatory fines, and legal defense costs. There is also the cost of providing required breach notification to individuals affected by a data breach and credit monitoring to individuals who might have had sensitive data like social security number exposed. Data breaches of intellectual property can also lead to a loss of competitive advantage which can be extremely damaging.
The impact of a cyberattack can be long lasting. Sustaining a cyber-attack not only leads to significant financial loss, but also reputational harm. Maintaining effective cybersecurity is crucial to maintaining brand value and maintaining customer faith in the organization long after the initial impact of the event.
There are twelve controls recommended for any organization to improve their security posture and increase their insurability in cyber. Three of these top controls recommended are email filtering and web security, multi-factor authentication (MFA), and backups.
Email filtering and web security helps mitigate losses surrounding social engineering. It prevents users from even receiving those malicious emails and prevents users from visiting malicious websites. Multi-factor authentication (MFA) provides an additional layer in verifying a user’s identity when requesting access to a computer resource to prevent events such as data breaches which are due to this unauthorized access. Backups are crucial in recovering from an event such as ransomware. If there are other systems to failover to or other places data is stored, this places an organization in a better position to continue operations.
Cyber insurance for agribusiness coverage is a solution to offsetting the financial risk as well as accessing resources that will assist in prevention and response in the event of a cyber-attack. There are many other controls and processes that can prevent attacks, but the financial risk is very high. Consider consulting with a cyber risk insurance professional about best practice to ensure you are protected against the very real threat of cyber-attacks.
Learn more about insurance solutions for dairies and farm.
Subscribe to our blog for all the latest news, updates, and events from MMA and our partners
Subscribe
Copyright © 2025 Marsh & McLennan Agency LLC., All Rights Reserved.