Cybersecurity

Podcast: Why ag needs to budget for IT

Tue, 05 Dec 2023 22:37:24 GMT

In this latest “Tip of the Iceberg” podcast with ZAG Technical Services, Chief Financial Officer Tim Bussey explores the importance of making an investment in tech, the biggest challenges faced in IT planning, why ag businesses need to protect their data, and more.

Bussey says one of the biggest misconceptions is that growers lack sophistication when it comes to technology. While he thinks that in many cases this couldn’t be further from the truth, this prevailing view may actually make ag-based businesses more vulnerable to cyberattacks.

The perception that farmers aren’t savvy when it comes to protecting their valuable data may be why the “so-called ‘bad guys’ choose to target ag companies,” says Bussey.

Listen to the podcast to learn more.

Research in Ag-Tech Top-Of-Mind in Farm Bill Hearing

Mon, 12 Dec 2022 20:03:24 GMT

The Senate Ag Committee met on Tuesday to hear testimony surrounding the need for ag research funding in the coming farm bill. According to Katy Rainey, associate professor at Purdue University who gave testimony, the hearing showed “signs of hope” for ag research.

Representing the American Seed Trade Association , Rainey underscored farm bill ag research and technology funding needs:
• Public-private partnerships
• Better program support in the National Plant Germplasm System (NPGS)
• Regulatory space that allows technology to come to market.

“There is a misconception that the private sector has the basic and applied research needs for row crops,” Rainey said in her testimony. “We rely on the support of farm bill funding and programs to ensure continued U.S. leadership as the provider of the best seed to the world.”

Outside of sharing her own message, Rainey heard four other testimonials as well as questions from senators. While the on-air discussion proved informative, Rainey says she was most intrigued by the conversations happening off-air.

“Senators are concerned with farmers’ bottom line, but they’re also concerned about global events,” Rainey says. “My takeaway from the senators is that there’s actually a hopeful outlook for global food security because there is so much technology. If we can support the research to get that technology to the field or to the plate that could dispel concerns across the board.”

Rainey is confident research funding will come through in the farm bill to deliver that technology.

View Across the Table

Sen. Joni Ernst (R-IA) was also in attendance of the hearing. In Ernst’s view, there are two highlights from the hearing that deserve a spotlight on Capitol Hill.

1. Cybersecurity in Ag

“We know that our adversaries are targeting our farmers [through cyberattacks] and that does affect our nation’s food chain,” said Ernst in the hearing. “What we want to see is additional work in university ag systems through research, education and outreach activities.”

Chavonda Jacobs-Young, undersecretary for research, education and economics at USDA, said the agency is working to deliver on that additional work.

“We first need to raise the awareness for needs in cybersecurity,” she says. “We also need to train — and retain — the generation of professionals who can help us in this space. That involves high-performance computing, AI and cybersecurity.”

Jacobs-Young and Ernst plan to meet and establish a partnership, along with other groups recommended by Jacobs-Young, to make a gameplan for cyber-awareness in rural America.

2. Carbon Credit Opportunities

In the research corridor, Ernst feels there are carbon questions that still need answers.

“I hear about this all the time from Iowa farmers — they want to participate in carbon markets and create healthy soils,” Ernst says. “Getting the right type of information and translating that so producers can measure carbon on their farms and in their production activities is the bigger issue.”

Ernst and Young both agree the outreach chord needs to be reconnected to rural America, but Jacobs-Young isn’t sure what tactic will flip the ignition switch.

“It’s critically important to talk to producers about what they need and how that can be delivered in a way that they will be receptive to,” said Young in the hearing. “Adoption is part of the issue we have. We can develop wonderful technologies, innovations and tools, but we struggle with producers being receptive.”

For her part, Ernst says she’ll work to allocate farm bill funding toward such programs and communicate with Young on ways to relay the program messages to farmers.

Producers with carbon questions can also seek answers in Farm Journal’s Carbon Innovation Center .

More on farm bill 2023:

Rep. G.T. Thompson Lists His 3 Farm Bill Objectives
Opinion: The Value of Partnerships Between the Agriculture and Energy Industries

ZAG Technical Services warns of phishing threat targeting ag businesses

Fri, 02 Aug 2024 16:46:12 GMT

ZAG Technical Services says agriculture businesses should be on alert amid a rise in sophisticated phishing schemes that aim to compromise email accounts and gain access to sensitive information.

Attackers use compromised email accounts to send fraudulent messages that appear to come from trusted sources, according to a news release. Hackers also sign up for services such as Dropbox with the compromised accounts to enhance credibility.

The IT firm said the layered approach to the phishing emails makes it seem legitimate and complicates the detection of the malicious emails. Recently, phishing schemes send sales teams fraudulent purchase orders from supposed customers, according to the release.

ZAG Technical Services encourages ag businesses to focus on the behavior of the sender to help identify fraudulent emails. Red flags include unusual requests, such as an urgent purchase order or links requiring immediate action. The firm also said if a purported CEO sends an unexpected Dropbox link and follows up insistently, the recipient should question the legitimacy of the email.

Here are steps to take if someone suspects a phishing email, according to ZAG Technical Services:

Verify the sender — Call a verified phone number of the person who supposedly sent the email to confirm its authenticity. Do not reply to the email, click on any links or call any numbers noted in the email.
Contact leadership — Notify the CEO, chief financial officer or controller to check for any attempted ACH fraud.
Involve IT — Engage the IT team to trace the origin of the email and assess the threat.
Avoid forwarding suspicious emails — Do not forward the email to others to test links or attachments.
Seek expert opinion — If in doubt, get a second opinion.

ZAG said these phishing attacks are strategic attempts to exploit vulnerabilities for financial gain. Many phishing operations target agriculture because of the many points of connection between businesses and vendors, the release said. Attackers seek access to networks to obtain sensitive information, initiate fraudulent ACH transactions and extort ransomware payments through crytoblocking.

“Imagine the domino effect if a cyber attacker gained access to a school system, not only accessing student information but also learning about parents’ workplaces and potentially compromising those systems as well,” Allen Santana, cybersecurity operations manager for ZAG Technical Services, said in the release. “Similarly, the interconnected nature of agribusiness makes it a prime target for scammers.”

No business is too small to be attacked, the IT firm said, adding that it’s important to educate and remind employees about the signs of controls regularly.

Agribusinesses should also implement layers of control in financial processes like ACH transactions to prevent single points of failure. ZAG Technical Services said agribusinesses should consider requiring multiple approvals for financial transactions to prevent invoices from being paid out to attackers.

ZAG Technical Services offers cybersecurity help

Mon, 04 Nov 2024 19:10:22 GMT

With National Cybersecurity Awareness Month coming to a close in October, ZAG Technical Services said it has a stark reminder for businesses everywhere: There’s nothing scarier than a cyberattack during a company’s busiest season; with peak harvests and holiday sales just around the corner, businesses must identify and close vulnerabilities that could leave them exposed.

ZAG Technical Services says it is offering comprehensive cybersecurity assessments to help companies uncover hidden risks in their systems and plan smarter for 2025.

“Cyberattacks can take days, weeks or months to recover from, and may even come with a hefty ransom without the guarantee of restored access,” Thuan Ngo, vice president for ZAG Technical Services, said in a news release. “That kind of downtime could spell disaster, especially during critical operational windows like peak harvest season.”

Cybersecurity checklist

To help businesses safeguard their operations, ZAG Technical Services has released a free downloadable cybersecurity checklist . The resource includes essential steps companies can take to minimize risks and prepare for faster recovery in case of an incident, according to the release. Some key recommendations include:

Deploy a next-generation antivirus and anti-malware solution.
Engage in regular employee education and phishing simulation training.
Use system snapshots for predictable, streamlined recovery.

Businesses can access the full checklist and take the first step toward minimizing cybersecurity risks today, the company said.

“Now is a great time for businesses to reflect on their cybersecurity practices,” Ngo said. “Whether you’re worried about ransomware attacks, phishing scams or system vulnerabilities, we want to empower companies to take proactive measures and prevent downtime before it strikes.”

ZAG Technical Services names vice president of operations

Tue, 01 Aug 2023 13:03:42 GMT

ZAG Technical Services , a San Jose, Calif.-based IT consulting firm, managed services and IT security provider in the ag and food and beverage industries, has promoted Eric Regnier to vice president of operations.

In 2021, Regnier was brought on as a project manager, quickly showcasing his dedication to operational excellence, continuous improvement and quality, according to a news release. He then earned his way to manager of ZAG’s IT security and compliance business. Earlier this year, Regnier was named interim vice president of operations, where he delivered his specialized skillset overseeing the client services, engineering and project management teams, the release said.

“Eric’s exceptional ability to navigate complex operational challenges, streamline processes and drive continuous improvement has been instrumental in delivering above and beyond clients’ expected business outcomes,” Greg Gatzke, founder and president of ZAG, said in the release. “Additionally, Eric’s commitment to cultivating talent, empowering individuals and promoting a positive work environment has profoundly impacted team members, fostering a collaborative and respectful environment that has accelerated our growth.”

Prior to joining ZAG, Regnier earned a bachelor’s degree, two master’s degrees and numerous certifications in technology and computer science and served 13 years in the U.S. Navy as a fast attack submarine officer. He also brings unique perspective to ZAG, having spent a considerable portion of his childhood on the family farm in Nebraska, where he coupled his passion for agriculture and skills in technology, according to the release.

“It’s an honor to lead this team of talented and dedicated professionals to achieve ZAG’s mission of ‘Enabling Our Clients to Succeed,’” Regnier said in the release. “New technologies and the evolving needs of the businesses we support are what make our work challenging and engaging, but it’s ZAG’s people and our clients that make our work meaningful and rewarding. I am grateful to be entrusted with this charge and am excited to meet the challenges ahead.”

Dealing with company cyberattacks? Greg Gatzke has advice

Tue, 01 Aug 2023 18:09:25 GMT

Cybercriminals are attacking agriculture, says Greg Gatzke, founder of ZAG Technical Services.

“Basically everyone in the nation — large companies, small companies,” the longtime cybersecurity and agriculture expert said in Season 4, Episode 9 of the “Tip of the Iceberg Podcast.”

“There are also opportunities for technology within ag,” Gatzke continued. “It’s becoming a new farming input. It can help us reduce waste, increase production, reduce labor requirements. Technology and ag have never been more aligned more than today.”

What’s going to happen with cybersecurity, labor, data and all the company stressors of today and in the future?

Despite being a tech guy, Gatzke has a farming background. His family grew lettuce and other vegetables in Wisconsin in 1970s and 1980s, but when many small farms went out of business at that time, they did too. Gatzke ended up in Silicon Valley because he loved tech.

But he discovered there was just something missing. Around 2004 or so, he became involved in a Salinas-area company and worked with people in agriculture.

“That’s the world I knew and loved,” he said. And they went full force into it by 2006.

“People in Silicon Valley, they spend their life trying to figure out how to get someone to spend a second-and-a-half extra on an app, and that is a lifetime to them, right? And we’re helping feed America. It just means so much more,” Gatzke said. “It just resonates so much stronger with people that we work with and candidates that we bring in. It’s much more meaningful.”

Everyone knows the stressors on agriculture, such as labor and government initiatives.

“Technology can answer almost every problem we have at some level. Let’s face it. Technology has always been in some part of agriculture, in the 1950s, in the 1800s,” he said. “We’re just now embracing modern-day technology to do the same things that agriculture has always done.

“Technology and ag have never been more aligned more than today.”

Cyberattacks

When a company is cyberattacked, operations can shut down for 10-14 days, and then the C-suite sees the effect that has on business, he said.

“For a company that can recover in 24 hours, it becomes more of a minor hit than this full-scale disaster,” he said. “When you frame security in terms of risk mitigation, then it is absolutely the board’s job to ensure that it is being done.”

“Security is a competitive advantage because of that. We all know in football [that] defense wins championships,” Gatzke said. “It’s no different in IT.”

Modern tech offers opportunities to reduce labor, lower waste, increase operational production. Just think of all the requirements that are being put on farmers today that weren’t in the past, like labor-time recording and traceability.

“All these huge things require technology to achieve,” he said.

Podcast: Why you need to focus on cybersecurity

Thu, 28 Dec 2023 15:51:39 GMT

Stories such as a Las Vegas casino being hacked through a fish tank pump or cybercriminals holding an entire city’s functions at ransom are harrowing tales that may seem like a plot line out of the latest Hollywood blockbuster, not applicable to today’s world.

But Eric Regnier, vice president of operations at ZAG Technical Services, an information technology consulting firm, joins Rob Collings, marketing director for ZAG, and Melinda Goodman, president of FullTilt Marketing, on the latest “Tip of the Iceberg” podcast to share the very real and imminent threat cybersecurity plays in the increasing tech world of agriculture.

“We always have to keep in mind both the advantages of technology that we’re bringing to bear and the convenience that it has for our life,” Regnier said. “You have to keep in mind that presents a vulnerability that may be actively being exploited now and if it isn’t someone’s working very hard to do so.”

No longer are hackers bored teenagers breaking into systems to change grades or expose flaws, Regnier said. Modern-day hackers are sophisticated criminals with the funds to commit large-scale breaches. He said expect these cybersecurity threats to continue or even increase.

“We have to take this threat seriously because these folks are the real deal,” he said. “These are the pros, and they’re not coming for someone else — they’re coming for us.”

And he says it’s not just multinational or large corporations; today’s cybercriminals attack any and all businesses.

“Cyber criminals are just as happy to extort a ransom or to get an extortion demand paid from a little guy, or a medium gal or the big players equally,” he said. “They’re coming after everyone, and we have to all prepare collectively to defend and be ready for when they do succeed.”

Regnier says a major risk to produce growers, packers and shippers is the vulnerability of the partners these operations do business with.

“It’s not just your own technology that you’re having to worry about, it’s your supporting partners, your vendors — the refrigeration vendor that controls cooling and air conditioning for your production plant,” he said. “How secure are they how are they accessing your environment, and do they have the opportunity to interact with other computing systems placing you at risk?”

To hear the full conversation, click the purple-and-white play button below, or this link or listen on your favorite podcast platforms such as Google Play, Spotify, Apple and more.

What you need to know about ACH fraud

Fri, 21 Feb 2025 18:36:40 GMT

Picture this: It’s the end of the month and your company’s accounting team works to close the books. One member of the accounts receivable team gets an email from a known vendor indicating the company changed banks. The employee quickly makes the change and continues the day’s work.

The problem is, though, that the vendor didn’t change banks, and the employee just fell for ACH fraud.

Greg Gatzke, founder and chairman of ZAG Technical Services, joins the “Tip of the Iceberg” podcast to discuss ways to prevent ACH fraud.

“It is very intriguing, because criminals can actually hack into the vendors’ emails and actually send the e-mail from the vendors’ address,” he said. “It could also just be the setup of a fake account with a new, different e-mail address and [then] send in the request. It’s something that’s happening a lot, and it’s continuing to happen.”

Gatzke said, of course, these ACH fraud attempts happen while accounting teams are under stress. But such incidents often impacts large sums of money, he said, and accounting teams need to be aware of the potential for fraud.

“The criminals are doing a shotgun-type approach, and what they’re looking for is the weakest link, and in reality, anybody, any day could be the weakest link. You could just have them make a mistake; you could not follow processes and just set the company up for a significant loss,” he said. “It’s something that takes due diligence and just a lot of rigor and how we how we operate.”

Gatzke said these crime rings have become more sophisticated with the use of artificial intelligence to craft emails and inquiries to make them less detectable. So, gone are the misspellings and the things that might make someone wonder if it’s fraud, he said.

“Because of that, we just need to up our game,” he said.

Gatzke said ZAG Technical Services is currently changing banks, and because it’s a huge process, companies don’t do it often. The fact that it’s an unusual event should alert an accounting team to something being off.

From there, Gatzke said someone in the accounting team needs to verify whether or not the bank change is valid.

“You’ve got to just pick up the phone and talk to somebody, and that’s hard especially you know when you’re dealing with overseas vendors,” he said. “Don’t [reach out] with the phone number in the e-mail that it comes in, because the criminals answer those, [instead] do it manually do it every time. Verify they’re not making a mistake, because [the] one time [your team] skips it you’ll be out money.”

If not, it could be months before the accounting team catches on, he said. Multiple payments may go out to that new account before the real vendor calls to inquire about missing payments.

“If you think you’re a victim of it, call your bank immediately and get advice from them,” Gatzke said. “They may be able to pull it back, but they may not. Call the FBI. Just do everything you can to reclaim the money.”

Why produce businesses should prioritize IT and cybersecurity in the new year

Tue, 07 Jan 2025 13:37:54 GMT

As the new year begins, ZAG Technical Services encourages businesses to make IT and cybersecurity a priority to ensure smooth and secure operations.

ZAG said many small and mid-sized businesses don’t realize the importance of IT in daily operations until issues arise. Tangible needs such as equipment upgrades or facility improvements frequently take precedence. However, a strategic IT plan delivers significant long-term benefits, including reduced costs, time savings and minimizing disruptions, the company says.

ZAG said produce industry businesses need to take a thorough evaluation of IT systems, organizational preparedness and recovery capabilities. Quick fixes, such as online scans or relying solely on cyber-insurance, may not address the full scope of risk, the company said, adding that, over time, even small gaps can evolve into major challenges if left unaddressed.

“Unaware employees are often the starting point for vulnerabilities,” said Thuan Ngo, chief operating officer at ZAG. “Whether it’s clicking on phishing emails, reusing weak passwords, or unintentionally approving fraudulent transactions, small missteps can lead to significant issues. Educating staff is a simple yet effective way to enhance company-wide protection as organizations grow and evolve.”

ZAG said proactive IT planning does more than safeguard systems — it protects teams, operations and financial performance. Produce industry businesses that take manageable steps to address vulnerabilities today will be better positioned for long-term success; with a clear understanding of current risks, organizations can confidently make decisions that support future growth, the company said.

ZAG said it offers cybersecurity assessments designed to identify risks and opportunities and managed support services tailored to businesses of all sizes, enabling internal teams to focus on core operations while cybersecurity experts handle risk mitigation and system management.