When it came to cyber risk in 2020, ransomware reigned supreme. Instances of ransomware grew by more than 150% in 2020 alone, and this trend doesn’t look to be going anywhere. There was also a notable increase in the severity of attacks based on a few metrics. For 2020, the average ransom demanded increased by over twofold and amounted to $170,000 on average. Affected organizations also experienced 18 days of downtime on average due to attacks, and before encrypting data for impact, ransomware operators spent on average 13 days in compromised networks.

Proposition 24, enacted through the recent November elections, is set to change and expand California’s data privacy legislation. The details of these changes will be worked out over the coming months; however, the broad and major changes are set in stone. Of these changes, there are five major changes that look to have the largest impact on organizations. These changes include a new enforcement agency, the introduction of new concepts such as “sensitive” personal information, and the empowerment of consumers regarding their data and privacy rights.

When organizations operate with remote workers or expand their cloud systems, discipline is key. Practicing good cyber hygiene is essential regardless; however, under these circumstances, it’s especially imperative due to the increased risks organizations take on when intertwining these efforts.

Smart technology is being incorporated across the entire agricultural process. Heavy machinery, sensors, artificial intelligence, and cloud systems are being widely adopted to operate automatically without the need for human interaction. The growing number of these smart devices, their widespread interconnectivity on your network, and the increasing number of these inputs running autonomously with internet access put these systems at greater risk.

A critically important consideration for small and medium-sized businesses (SMBs) is how to address cyber risks to safeguard customer data and/or critical business operations.  A return on investment analysis, alone, can build a strong case for making cyber protection a corporate priority.  However, how organizations approach this challenge varies widely.  It is imperative that cyber spending be balanced with other business risks to ensure that organizations are effective stewards of corporate resources.

In response to the increased use of offsite and offline backups, cybercriminals adapted and developed a new approach to conducting ransomware attacks during 2020. Known as double extortion, some cybercriminals are first engaging in data exfiltration before encrypting an organization’s systems. To make matters worse, third-party targeting and the increased use of remote work have increased organization’s risk of being affected by double extortion attacks going into 2021.

As the AG & CE industry has added more complicated devices and sensitive data on organizational networks, it has drawn more attention from cybercriminals who want to use these resources to extort, disrupt, and attack your organization. The direct costs of paying ransoms and restoring systems are not the only costs AG & CE organizations face when sustaining ransomware attacks, however, what can be more costly are indirect losses.