View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Was Monsanto’s security mistake ‘made all too often’?

Security expert Jody Brazil analyses the Precision Planting breach.

By Jimmy Nicholls

Monsanto’s decision to house customer and employee data on one server is a "simple mistake made all too often", according to the president of security firm FireMon.

Jody Brazil, who is also the chief technology officer at the security company, commended the farming company for its haste in informing the relevant authorities and bringing in forensic experts after its subsidiary Precision Planting was breached, but reproached the firm for not segmenting its data.

He said: "Segmenting a network and distributing sensitive information across different servers on appropriate network sub-segments can and will limit the damage of a data breach – the cybersecurity equivalent of not putting all your eggs in the same basket."

Speaking on behalf of Monsanto, Christy Toedebusch said that fewer than 1,300 farmer customers were affected by a breach discovered on March 27, in which financial information, social security numbers and customer addresses had been compromised.

In a letter to the Attorney General of Maryland, the company said they believed the breach "was not an attempt to steal customer information".

As an apology the chemical and farming firm will offer credit monitoring services to those whose data was compromised, and the firm will revise its security measures.

"While no system can be completely secure, we believe our new security protocols will provide significant protection for customers’ data," Toedebusch said.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

Brazil added that it was easy to criticise companies for bad security practices, but that making such information public would allow others to learn from the mistakes.

"What is clear is that Monsanto has done everything in their power to limit the damage of the data breach by informing relevant government organisations, calling in forensics experts, and contacting the FBI to assist in dealing with the breach," he said.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.