Restaurants Canada provides critical cyber education and awareness resources for Canadian foodservice operators
As more operators adopt daily e-commerce and online technology, the inherent risks should be top of mind. A cyber attack could close your business and/or seriously impact your reputation. An attack usually originates from an outside computer, from anywhere in the world, which targets your confidential client information. It is important to understand that cyber attacks are not just a BIG company problem. Attackers know that your business has digital assets. This puts foodservice operations, especially at risk. With the increased use of customer-facing technology, there are a greater number of access points. Think about all the connectivity from outside suppliers who may have access to your operations today.
Our industry processes millions in credit card transactions annually. Restaurants Canada has initiated an industry-leading partnership with Cyberisk Chek. Cyberisk Chek is a Canadian cyber innovation company that is globally recognized for educating businesses on the risks associated with cyber transactions.
President and CEO of Cyberisk Chek, Domenic Trotta, indicates that cybersecurity is growing across the globe, however, Canada is trailing. Security measures need to keep pace with the growth of e-commerce in general. And, as with any growing business, the criminal element is often ahead of the curve. “Our goal is to provide a simple, self-assessment, cost-effective tool that will help operators gauge their cyber risk points and outline steps that an operator can [take] to minimize risk. The growing complexity of cybercrime makes preventing these attacks especially difficult for small businesses with limited resources,” says Trotta.
- 60% of small/medium businesses go out of business within six months of a cyber attack
- 70% of cyber attackers deliberately target small businesses
- 71% of cyber attacks hit businesses with fewer than 100 employees
- $180,000 is the average loss for small/medium-sized businesses
- Data security has now become crucial to a restaurant operation’s success. But, is it top of your mind?
Do we have your attention?
Seventy-seven percent of small businesses that own their domains are concerned about falling victim. Unfortunately, 36 percent are not investing any money in protecting against cybercrime.
The number of businesses reporting a million+ loss has risen to 7 percent from just 1 percent two years ago (Source: Ponemon Institute for IBM: 2016 Cost of Data Breach Study).
The use of ransomware in cybercrime is growing exponentially by cyber-predators and Canada is a hotbed. This malware locks systems, then the hackers demand payments to unlock your systems.
There is a misconception that having data backups will prevent a cyber attack from locking down your business. In reality, restoring, unknowingly, from an infected backup may potentially aggravate the situation.
What can you do to protect your operations from Cyber attacks?
There is a lot you can do to protect your restaurant against cyber attacks. Simply put—Identify, Protect, Detect, Respond and Recover. The Cyberisk Chek tool is an on-line self-assessment available through Restaurants Canada that provides you with a detailed inexpensive report and preparation guide with an action plan. This assists you in assessing your level of preparedness to a breach and, most importantly, gives you a step-by-step guide on what to do next.
The Cyberisk Chek security assessment asks five key questions:
- What do I need to protect—what assets are critical to the operation?
- What security measures do I have available to me and are they up to date?
- How do I even know if a cyber breach occurs?
- If a breach occurs how do I reduce the impact of the attack to all involved parties?
- How do I recover post-attack? Do I have an Incident Response Plan?
The first step in awareness may only cost less than a hundred dollars and will provide you with the tools to respond and resolve many of your internal security risks immediately and within budget.
What kind of vulnerabilities does Cyberisk Chek look for? What are key access points?
POS Systems: Attacks on point-of-sale terminals directly affect credit card data. They look for end-to-end encryption, iPad secure interfaces and anti-virus software. Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is also key.
Wi-Fi Guest Networks: In order to help ensure that guests cannot access your business network, guest networks must be stand-alone and should be professionally installed. You may also want to configure your routers and firewalls to block certain types of data on the guest network to protect your company’s reputation.
Network Access: Consider listing your network access policies on a splash page that connecting guests must pass through before connecting to the network. Often these pages include a “click here to agree” button.
Guest Passwords: Don’t give out one password to everyone. Look for third-party services that automatically assign security keys on a per-user basis. Per-user, per-session keys make it easier to block a specific troublesome user with no interruption to everyone else.
Credentials Expiration: Login credentials for guests should expire after a predefined period, such as every four hours or at the end of the workday. Credentials that don’t expire often become a security hole, allowing unauthorized re-entry onto the network down the road.
The Human Factor: People are the weakest link in cyber resilience. Statistics have demonstrated that insider threats are the most common entry point for cyber criminals. Human error is also a factor from a lack of awareness on the part of users. It is integral to provide digital literacy training, cyber awareness training and technology solutions.
This is a critical time in the life of a restaurateur. You are a target. Cyber threats will not go away, and the digital age is here to stay. Make sure you are aware and protected before an attack jeopardizes your operations.
Be aware and be prepared
Conduct your Risk Evaluation today and receive a detailed risk assessment report and your prioritized action plan. Restaurants Canada members benefit from a reduced rate along with a free 32 page Cyber Self-Help Guide (valued at $49.95 USD).
Go to info.restaurantscanada.org/rc-program-cyberiskchek or to find out more call 1-800-387-5649 and speak with a Member Service Representative. Be sure to use the Restaurants Canada promo code CAA5B200 to receive the reduced rate and guide. Take the first step in cybersecurity today.