Articles

Ransomware 101

By CFIN Newsdesk posted 10-17-2023 08:00

  

Welcome to YODL! In addition to daily original content, YODL helps CFIN Members find new partnersresources, and funding opportunities to grow their food business. Learn more about this growing community and become a CFIN Member (for free!) today 

CFIN and cybersecurity firm Beauceron have partnered to deliver a three-part webinar series on cybersecurity threats in the food and beverage industry. These webinars, made exclusively for CFIN members, dive into how cybercriminals target food and beverage companies and foodtech businesses, and offer actionable steps to protect your business from unwanted threats.  

 

In part two of the series Dana McCauley, CEO of CFIN, talked with David Shipley, CEO and co-founder of Beauceron Security, and Daniel Couillard, director general of Partnerships and Risk Mitigation, Canadian Centre for Cyber Security, about how ransomware works, and how companies can protect themselves from bad actors. 

 

Following the video are the top four takeaways. 

Here are the top four takeaways from the event: 

 

1. Ransomware is big business. 

 

Many ransomware operations are part of a sophisticated, multilevel criminal organization. There are now ransomware as a service providers who build and maintain the cloud criminal infrastructure and marketing of this malware. Sometimes these cybercriminals have the tacit approval of their nation states, and sometimes they are backed by nation states. 

 

2. Food and beverage companies of all sizes can be targeted by ransomware. 

 

Any organization that depends on their technology to run or scale is potentially susceptible and vulnerable to the impact of extortion via ransomware. The disruption caused by ransomware can affect companies in all areas, including production runs, inventory and ordering, invoicing customers, and scheduling staff 

 

3. Cybersecurity is as much about people as it is about technology. 

 

Education and awareness of cybersecurity should be part of your company culture. Ransomware targets employees first by attempting to get them to click on phishing emails, links or attachments which can introduce malware to your company system. Once you establish a training and education program for employees technology such as multi-factor identification (especially with number matching), firewalls and anti-virus software can also be used to combat cybercrime. 

 

4. All companies must have and practice a ransomware strategy. 

 

Business owners and operators need to understand what their critical data is that they need to run their business, as well as how much risk they’re willing to accept. With this in mind they can build an incidence response team that includes experts from different areas of the company. A tabletop exercise on ransomware scenarios should be done at least once a year to plan and practice your response. The faster you are able to respond to ransomware, the less impact it will have on your business. The Canadian Centre for Cyber Security offers a Ransomware Playbook to help businesses plan a ransomware strategy. 

#cybersecurity

#ransomware

#cybersecuritystrategy

#malware

#security

#software

CFIN Members get exclusive access to funding opportunitiesfive Regional Innovation Directors, and YODL. Learn more about what it’s like to be a CFIN Member and how you can join our growing community of food professionals.  

Comments

Nestor Gomez
10-17-2023 12:35

@Brandon Yardy great observation: people are the first line of defense against cyber attacks and cyber criminals. Small efforts in educating our staff consistently and regularly, can make a big difference in their awareness and how they react to phishing attempts, social engineering and other cyber risks.

Brandon Yardy
10-17-2023 12:04

Very important topic, easily neglected. Asking new employees to use a unique password could make a difference as so many re-use passwords as was mentioned. 

Related Content