Business Continuity

In our final unit, let’s tackle how to apply the best practices around cyber resilience to support your business continuity in the event that you have a cyber incident on your farm. We’ll analyze the business case for enhancing your on-farm cybersecurity posture and conclude by looking at how to create a basic operational recovery plan for cyber incidents.


A Farm Business Continuity Plan

Now that you’ve gone through the worksheets in Unit 2 of this module  you will have created a farm network map, a farm cybersecurity policy, and a farm cyber fire drill plan.  You are ready to create the final tool you need - a farm business continuity plan (BCP). Each of these tools build on each other and are designed to work together.

To operate a profitable and sustainable business, farmers have to know how to manage risk. Many farm business owners have plans for managing pests, biosecurity, fire protection, irrigation needs,  extreme weather, and animal health threats. Cybersecurity is just another risk that farms need to manage. 

Producers know that good risk management equals good farm business management.

A cyber BCP is an important part of a farm business' risk management strategy. It can help minimize the impact of cyberattacks and ensure that the farm can continue operating even during widespread cyber disruptions. A cyber BCP outlines how a farm business will protect itself from cyberattacks, and what steps it will take to be operational as quickly as possible if an attack or disruption does happen.

It’s better to use the term, business continuity instead of business recovery, because a failure of security controls shouldn’t be the starting point for cybersecurity. By strengthening your protections and building a resilient business, your farm operations will be able to continue in some fashion, even if a cyber disruption happens.



The Business Case for Farm Business Continuity Planning 

That being said, cybersecurity is not just about risk management, but also business development for competitive advantage and sustainability.  With a solid plan for cyber business continuity in place your farm will be more competitive in a few ways:

  • Fork and Knife with Plate Your farm is more attractive to a growing base of trust-minded consumers, processors, and international trade partners, who rely on you to produce quality food, and to be able to verify this quality in a transparent, reliable and valid way.

  • Locked with Key Your farm is more attractive to a growing security-minded consumer who trust you with their personal and financial details.

  • Heavy Dollar Sign Your farm systems are less likely to experience cyberattack, and the financial and reputational loss that results.

  • Briefcase In the event of a cyberattack, you experience reduced overall loss and are able to get back to business sooner.
A cyber BCP sets you up with strong prevention methods, a prepared response, and well thought out recovery strategy. Take a look at the table below to get an overview of main components of a cyber BCP.



Creating a Farm Business Continuity Plan for Cyber Incidents

Your cyber BCP should focus on your most important business assets and operations.  This will help you to identify the actions that are vital before, during, and after a major disruption.
A BCP lays out the steps to take during a disruption, and identifies the key roles and responsibilities for everyone involved.

To get started, take some time to answer the following eight questions.  This is a good way to think through the information you will need to create a basic cyber BCP that can help you better manage on-farm cybersecurity risks, and strengthen the resilience of your farm business.

1. Context- What technologies do you use, why do you use them, and are there any big trends in the sector linked to these technologies?  What are the opportunities for business improvement and risks to business continuity?

2. Business Impact - What are the most important parts of your business to protect and recover?

3. Threats & Risks - What are the potential threats to your farm’s operations, assets, and data that you are aware of? How likely are these threats? How damaging would they be if they were to take place? 

4. Regulatory & Compliance- What regulations are relevant to your farm business?  Which regulations are relevant to data, technology or cybersecurity?

5. Strategies - What are you doing to address the highest priority vulnerabilities and risks? If an incident occurs, how will you know and what will you do?

6. Continuity Management- What are your communication and documentation plans to make sure your cyber BCP can be put in motion right away when needed?

7. Testing-  How will you try out your cyber BCP to make sure it works and to identify any problems that need to be fixed?  How can you incorporate it into a regular cyber fire drill 

8. Maintenance & Compliance - How often will you review your cyber BCP, and who will be involved?


To take the next step and create a cyber business continuity plan, take a look at the following worksheet:


PDF document 2MB
It appears you do not have a PDF plugin for this browser.


Once you have a draft plan in place, you can use it to keep all of the people who contribute to running your farm business on the same page about what they need to do in the event of a cyber disruption. 

You may also want to share your draft plan with a cybersecurity or IT service provider, as the basis for building an even more secure plan to protect your investments and livelihood. Having a plan on-hand, and reviewing it regularly, will help you know exactly what to do in the event of a cybersecurity incident on your farm.



Next:  Summary