Why Cybersecurity Has to Learn from Farmers (Not the Other Way Around)
It’s not about teaching farmers cybersecurity. It’s about cybersecurity, learning how farming works.
“We’ve been preaching to farmers about cyber hygiene. Maybe it’s time we shut up and listened.”
Actually… have we?
Let’s be real. No one’s actually tried to help farmers with cybersecurity in a practical, meaningful way. If it does come up, it’s usually tacked onto a government slide deck, wrapped in buzzwords, or bundled into a consulting pitch that reads like it was written for someone in a corner office who’s never touched dirt. Over-complicated. Expensive. Time-consuming. And worst of all? Irrelevant. Because it’s not designed for the way farmers actually work.
Meanwhile, the cybersecurity industry still treats agriculture like a compliance checkbox. And farmers? They’re using connected tech every single day with little to no protection while being told they’re somehow the problem.
Maybe the real problem is we’ve been talking at farmers instead of listening to them.
Spend a little time with actual farmers, like “Punk Rock Farmer”: Jonathan Lawler, who joined me recently on the Bites and Bytes Podcast, and it becomes obvious just how backward that narrative is. The gap between barnyard and byte isn’t as wide as we’ve made it out to be. In fact, I’d argue the cybersecurity world has more to learn from farmers than the other way around.
The Myth of the “Uninformed Farmer”
Let’s go ahead and retire the outdated idea of the clueless, tech-averse farmer. You’ve heard the jokes: “Old MacDonald can’t operate email, so how’s he gonna secure a tractor?” But the truth is, that narrative hasn’t aged well, if it ever worked to begin with.
Modern farms are complex, tech-driven ecosystems. Think GPS-guided equipment, automated irrigation, livestock sensors, greenhouse controls, and cloud-based records. Farmers aren’t behind. They’ve just been left out of the cybersecurity conversation.
They don’t need to wear lab coats or speak in code. They know exactly what’s going on in their environment from soil to sky. In an upcoming episode of the podcast, a Canadian farmer said, “It’s not that farmers don’t think about cybersecurity. It’s that they don’t know where to start. And no one’s made it easy.”
These folks are systems thinkers by necessity. When something breaks, there’s no IT helpdesk to call at 3 AM. They’re welding equipment back together in the field before sunrise. They’re rigging irrigation systems with baling wire to survive a heatwave. That’s resilience, not a lack of awareness.
They don’t call it “risk optimization,” but that’s precisely what they’re doing every season. Choosing whether to spray or not to spray. Timing harvests around storms. Managing disease pressure without overusing resources. It’s advanced decision-making in a constantly changing environment. So when someone like me shows up with a Basic Cyber Hygiene 101 checklist, a polite nod (or an eyeroll) is probably fair.
Cyber-Physical Reality: When Tech Fails on the Farm
Farms aren’t just fields and barns. They’re powered by operational technology (OT). And when OT fails, it’s not just a slowdown. It’s a potential disaster. This isn’t about data loss. It’s about real-world life or death consequences.
Take this real incident: a poultry farm in northern England suffered a massive loss when a computer glitch caused tens of thousands of chickens to overheat and die. The automation system overheated the houses, turning them into ovens. It was ruled a technical failure, but for the animals, it was lethal. This isn’t a hypothetical. It’s exactly how farms with remote sensors and HVAC systems operate today.
Now imagine someone deliberately tampering with that setup. A hacked thermostat, a misconfigured ventilation control, a compromised feed sensor, that’s all it would take to turn a routine day into a disaster. And it doesn’t take much imagination to see how quickly that would escalate. When technology controls the well-being of animals or crops, a cyber event can escalate into a physical threat.
Jonathan and I didn’t discuss this particular incident on the Bites and Bytes Podcast, but we did talk about biosecurity breakdowns, like when a friend of his lost an entire turkey flock to avian flu in under 12 hours. The emotional and financial toll was devastating. The parallels are clear. Whether it’s a virus or a system failure, when something goes wrong, the consequences are immediate and severe.
On a farm, if a milking robot freezes up, cows suffer immediately. If a greenhouse climate controller malfunctions on a scorching day, the plants don’t get a second chance. The risk isn’t abstract. It’s real, and it’s already happening.
So if we want farmers to take cybersecurity seriously, we need to meet them in the physical world, not the digital one. No vague warnings about hackers in hoodies. Just the straight truth: dead animals, ruined crops, lost income. That’s the kind of risk farmers already understand because they live it every single day.
Farmers Are Already Risk Managers
Here’s the twist. The same industry that labels farmers as “high-risk” users could stand to learn something from how they actually manage risk.
Because that’s what farmers do. All day. Every day.
They manage drought, frost, blight, volatile markets, fuel shortages, equipment failures, and animal health, all while trying to turn a profit in a system that is often stacked against them. It’s not luck. It’s systems thinking under pressure. They adjust. They improvise. They get the job done.
This isn’t theory. It’s lived experience.
The cybersecurity world loves to throw around frameworks and risk matrices. But for farmers, risk isn’t a spreadsheet. It’s a field of crops that might not make it through the week. They assess threats constantly. They prioritize. They make trade-offs. And they do it with far fewer resources and far higher stakes than most.
And let’s clear something else up: farmers don’t hate tech. They hate tech that wastes their time. If something works, helps them protect their operation, or saves money, they’ll use it. If it adds complexity without value, it’s gone. No second meeting. No endless pilot. No debate.
Their B.S. filters are excellent. Maybe even better than some of ours.
A Humble Harvest: Cybersecurity with Curiosity and Respect
So what do we do about it?
We show up with curiosity. We lead with respect. We make cybersecurity feel like another layer of safety and care, rather than an audit checklist or a punishment for being behind.
This isn’t about turning farmers into IT pros. It’s about meeting them where they are and recognizing the risk expertise they already use every day.
Ask a farmer about their worst-case scenario, and they won’t say “ransomware.” They’ll say “equipment failure during harvest” or “losing a contract because a shipment was delayed.” Cyber incidents can trigger those very things. So connect the dots with systems thinking. Make it relevant. Keep it human.
Here’s where to start:
Treat tech risk like a barn hazard
If you wouldn’t let a stranger walk into your feed room, don’t let them into your Wi-Fi either. Malware is just another kind of farm virus. If someone shouldn’t be handling your feed mix or chemicals, they shouldn’t be touching your tech.Identify what matters most
What tech do you rely on every day? The feed mixer? The greenhouse sensors? The milking software? If it broke, what would bring everything to a halt? Start there.
Once you’ve got that list, ask a few simple questions about each one:Do I know how this is secured (if at all)?
Who installed it and who has access to it? Physical and remote access?
Do I have a backup plan if it fails?
Even just writing down who to call, how to manually override a system, or where the warranty paperwork is can save critical time during a failure.Don’t overthink it. The goal is to make sure the tools you depend on aren’t single points of failure and that you’re not caught off guard if something goes sideways.
Ask what your vendors are actually responsible for
Does your dealer or software provider cover equipment failures caused by remote updates? Who owns your data? Can they shut off your system if you miss a payment? Don’t assume. Read the fine print.Talk to your neighbors
If someone else had a tech scare or a near-miss, learn from it. We already do this with crops and livestock. Start doing it for cybersecurity, too.Pay attention to who’s on your team
Ensure that your employees and seasonal workers are here to support your operation, not cause harm. Run background checks, check public social media activity, and look out for signs of extreme ideologies or online behavior that could put your business, animals, or reputation at risk. Prevention doesn’t have to be complicated; it just has to be thoughtful.Lean on people who understand ag
Organizations like your local Farm Bureau, co-op, or extension office are starting to pay attention to cybersecurity. Ask questions. You’re not in this alone, and you shouldn’t have to figure it out in isolation.
“Final Thoughts and a Podcast Episode You Should Hear”
Whether you’re a grower or a geek (or like me, somewhere in the middle), we’re all part of the same food system. Cybersecurity shouldn’t be another layer of stress or a lecture from someone who’s never stepped on a farm. It should feel like locking the barn at night or checking the fences. You know, common sense.
So, cyber folks. Put on some boots and spend a day where the risk is real and the stakes aren’t theoretical. Ask questions. Listen more than you talk.
And to the farmers: don’t let anyone make you feel behind or unprepared. You’ve been managing risk longer than most tech people have been out of diapers. You already know how to protect what matters; you need a few new tools to do it in the digital-physical world.
And if you want to hear more about what this looks like from the farmer’s point of view, check out my whole conversation with Jonathan Lawler on the Bites and Bytes Podcast. We talk about risk, tech, misinformation, extreme activism, and how agriculture is misunderstood from all sides, including cybersecurity.
Because at the end of the day, you don’t grow anything, crops or resilience, without getting your hands dirty.
Stay Safe, Stay Curious,
What an underrated topic, Kristin. And well done to you for covering it. Look forward to future posts.