Industries / Agriculture
Cybersecurity for agriculture in northern Alberta.
Grain, livestock, dairy, mixed farms, and ag-services suppliers across Mackenzie County and the Peace River region. Built around how a real operation runs — through seeding, through harvest, through the slow weeks of January when there is finally time to deal with the office.
The threat landscape in agriculture
The single largest dollar loss category we see in agriculture is supplier banking-change fraud. An attacker compromises the email mailbox of a fertilizer dealer, a seed supplier, or an equipment company. They watch for an invoice going out to you. They modify the bank details and let the email through. You pay the invoice on time. The money is offshore by the end of the day. Losses of $50,000 to $400,000 per incident are common. Recovery rates are under 10%.
Ransomware against ag operations has shifted from opportunistic to targeted. The timing is deliberate — early seeding or mid-harvest, when an operation cannot afford a day of downtime, let alone a week. Mid-sized farm operations have paid ransoms because the alternative was losing a planting window or watching grain quality degrade in storage while the office was offline.
Precision-ag and GPS dependency creates a quieter but real risk surface. RTK corrections, John Deere Operations Center, FieldView, the autosteer subscription — none of these are individually catastrophic if interrupted, but the operation increasingly cannot function without them. The exposure is less about a glamorous attack and more about identity theft, credential stuffing, and accounts shared across family members on personal email.
Starlink has solved the bandwidth problem and created a new one — a flat, unsegmented network where the cab tablet, the farm-office desktop, the kid's gaming console, and the agronomist's iPad all sit on the same broadcast domain. One compromised device reaches every other device on the property.
Why agriculture is targeted
Three structural reasons. First, the dollar size of routine transactions is high — a single fertilizer or seed invoice can clear six figures, and large EFTs between known counterparties are the perfect cover for a redirected payment. Second, ag operations sit at the edge of a rural cybersecurity budget — most still rely on local break/fix IT and have not implemented managed EDR, MFA, or cloud backup. Third, attackers know exactly when you cannot afford downtime — seeding and harvest are calendar-fixed pressure points and ransomware groups time their campaigns accordingly.
What we do for agriculture clients
We start with the Microsoft 365 tenant — because that is where the email lives, and email is where the banking-change fraud begins. Conditional access policies, enforced MFA on every account (including the ones that “just check QuickBooks”), legacy authentication blocked, mailbox auditing on, and external sender warnings configured. We help write a supplier banking-change verification procedure — a two-minute phone call to a known number before any EFT change goes through — and we make sure the bookkeeper actually follows it.
Managed EDR (Huntress) goes on every endpoint — the office desktop, the laptop in the truck, the precision-ag tablet, the agronomist's shared device. Cloud backup runs separately from the M365 retention period. We segment the network so the cab tablets and the kid's Xbox cannot talk to the office accounting machine. Starlink is configured as primary with cellular failover where the use case justifies it.
For the precision-ag side, we audit shared credentials on Operations Center, FieldView, and the equipment manufacturer portals — and convert shared logins to per-person accounts with proper access. This is unglamorous work that prevents the next agronomist or seasonal hand from walking off with full access to your entire operational data history.
Tier recommendations for agriculture
Most ag operations land at Tier 2 because they want one provider handling both the security and the farm-office IT, with a help desk that responds during seeding instead of getting in line behind a downtown Edmonton firm.
Cyber Essentials
$95/seat/mo
Right for operations that already have an IT person (in-family or contract) handling day-to-day support and want a separate cybersecurity layer underneath it. Common for larger multi-generation operations where one family member handles the office computers.
See full tier details →Cyber Essentials + Managed IT
$175/seat/mo
Where most ag operations land. One provider for security, the farm-office M365 tenant, the precision-ag laptops, and the cab tablets — with help-desk response that does not stall when seeding is on. Quarterly business review timed around the off-season.
See full tier details →Cyber Premium
$275/seat/mo
For larger ag operations (15+ office staff), ag-supplier businesses with customer payment data, or anyone whose carrier is now asking for documented BCDR and a vCISO. Adds on-prem BCDR, after-hours SLA, and annual tabletop exercise.
See full tier details →Common questions from agriculture clients
We are a family farm — do we really need cybersecurity?
If you bank online, pay suppliers by EFT, store customer or supplier banking information, run any precision-ag platform, file with AFSC, or run a farm office on Microsoft 365 — yes. The question is not whether you have an attack surface. It is whether anyone is watching it. The most common loss we see in agriculture is supplier banking-change fraud, often six figures, and the email mailbox compromise that enables it would have been caught by basic conditional access and MFA — neither of which most farms have configured correctly.
Our internet here is bad. Will managed cybersecurity even work?
Yes. EDR agents are designed for intermittent connectivity. M365 conditional access enforces in the cloud. Patch management queues up locally and runs when the link is up. We design with rural networks in mind — Starlink as primary with cellular failover, or whatever your fibre situation looks like. We are not going to recommend something that needs gigabit symmetric to function.
We use the John Deere Operations Center and a precision-ag platform. Is that secure?
Operations Center itself is a cloud platform with reasonable security. What we secure is the path into it — the cab tablets, the office laptop, the username and password being shared across family members on personal Gmail accounts, the agronomist who has full access from her own iPad. Identity and access management is where precision-ag exposure actually lives.
What is supplier banking-change fraud and why is it everywhere in ag?
Attacker compromises a real supplier's email mailbox (fertilizer dealer, seed company, equipment dealer). They watch for a real invoice going out to you. They intercept the email, change the bank details on the PDF to their own, and forward it on. You pay the modified invoice. The money is gone within hours. Ag operations are targeted because invoices are large, payment cycles are predictable, and most farms do not have a voice-verification process for any banking change. We help set that process up and harden the email layer so the original compromise is less likely.
How is this different from the IT guy in town who does our office computers?
Most local IT shops are break/fix oriented — they fix what is broken when you call. That is a real service and we do not look down on it. But it is not cybersecurity. Cybersecurity is the proactive layer: managed EDR running 24/7, M365 baseline that gets reviewed every quarter, phishing simulation, vulnerability scanning, documented controls for your insurance carrier. The two roles can coexist. Many of our agriculture clients keep their existing local IT for hands-on work and use us for the security layer underneath.
Ready to talk about your operation?
Free 5-minute Risk Report shows you where you stand. Or get in touch and we will schedule a real conversation — coffee in La Crete, video call, whatever works.