• Home
    Home We Serve America's Restaurants Representing nearly 500,000 restaurant businesses, we advocate for restaurant and foodservice industry interests and provide tools and systems that help members of all sizes achieve success.
  • Foundation
    Foundation Building & Retaining Talent The NRAEF is focused on developing a stronger workforce and building the next generation of industry leaders through education, scholarships and community engagement.
  • Show
    Show May 18-21, 2019 As the international foodservice marketplace, the National Restaurant Association Show provides unparalleled opportunities for buyers and sellers to come together, conduct business and learn from each other.
  • ServSafe
    ServSafe Minimize Risk. Maximize Protection. For over 40 years, ServSafe® training programs have delivered the knowledge, leadership and protection that have earned the trust and confidence of business leaders everywhere.

National Restaurant Association - Get the 411 on cybersecurity

Skip to navigation Skip to content

News & Research

News RSS

Get the 411 on cybersecurity

Keeping data safe and secure is of great concern to us and our industry. Technology innovations, often fueled by data, help restaurants streamline operations, reduce costs and bring in more guests. But with opportunity comes risk. Payment card information has always been a target, and now hackers are hungry for more. With new data sources, online criminals can target all aspects of a restaurant’s business.

To help restaurateurs combat potential cybercrime, we’ve offered solutions, including toolkits and webinars, and work with various cybersecurity experts to prevent data breaches from happening. Soon we will release Cybersecurity 201, a follow-up toolkit to our Cybersecurity 101 guide.

Because we’re increasingly digital, we’re all more aware of cybercrime and what we need to do to prevent it. That’s good news, says Nick Schacht.

Schacht, president and CEO of KnowCyber, a Houston-based cybersecurity training firm, tells restaurateurs that cyber is a moving target. If they’re using digital devices for almost everything, they must be more vigilant about protecting information –theirs and their customers’.

“The more we use information systems and digital devices, we have to deal with the security of those devices and the security of the information,” he said. “That’s what cybersecurity is at its core: keeping our information and the information we create and collect secure so it’s not misused, stolen or abused in some way or other.”

Keeping your data safe is the priority

Laura Knapp Chadwick, our director of commerce and entrepreneurship, adds that members of Congress are intent on fixing problems associated with cybersecurity, but that the solutions so far proposed “would drive up costs and probably wouldn’t do much to protect against a cyberattack.”

Schacht says as businesses become more digital, assets that aren’t cybersecure are at risk. And, if information captured ‑ especially from customers ‑ isn’t protected, reputations could be jeopardized. He noted that:

  • 12 of the top 20 data breaches in 2014 were in retail or restaurant brands, and that every single one involved payment card data.
  • 70 percent of consumers can name at least one brand that’s had a data breach.
  • 15 percent of consumers say they’d stop doing business with an organization experiencing a significant data breach.
  • The cost for a small business to recover from a data breach is $50,000 or more.

He also says the majority of breaches are motivated by profit. “Data and information are where the money is. That’s what drives cybercrime.”

Want to stay on top of cybersecurity? Here are 7 tips

As cybercrime constantly changes in how it attacks businesses, Schact recently offered up seven new tips for staying on top of the problem:

  1. Identify your risks. Know they exist, where the data is and where it’s stored. Find out who has access to it and if remote access is permitted.
  1. Monitor your risks. There are tools you can put into place that will signal if someone wrongly accesses information.
  1. Prioritize your risks. Do the best possible job of identifying risks and tackle the biggest ones first. Find and use technology systems that will reduce risk.
  1. Check third-party suppliers. Know the connections between your organizations. If they have access to your digital systems, they are a risk. Be aware of what they have access to and control or reduce it. Always hold suppliers to the same standards you hold yourself to.
  1. Comply with the PCI data security standard. This was set up by the major credit-card companies about a decade ago to protect payment card information. It addresses how your systems should collect, store and process data related to payment cards. It also requires an annual assessment. If you’re not compliant, you could be fined or your cost for processing credit cards could increase.
  1. Train your employees. Prepare, educate and equip staff to protect information. Cybersecurity is more about people than it is about technology.
  1. Conduct constant examination. Always examine yourself, your business, threats to your business and the protections you have in place.

Get more information on our work in cybersecurity for the restaurant industry

Conserve RSS Healthcare RSS Conserve RSS

▲ Back to Top

We're glad you're here!®

® 2012-2017 National Restaurant Association. All rights reserved.

2055 L St. NW, Suite 700, Washington, DC 20036
(202) 331-5900 | (800) 424-5156