• Home
    Home We Serve America's Restaurants Representing nearly 500,000 restaurant businesses, we advocate for restaurant and foodservice industry interests and provide tools and systems that help members of all sizes achieve success.
  • Foundation
    Foundation Building & Retaining Talent The NRAEF is focused on developing a stronger workforce and building the next generation of industry leaders through education, scholarships and community engagement.
  • Show
    Show May 18-21, 2019 As the international foodservice marketplace, the National Restaurant Association Show provides unparalleled opportunities for buyers and sellers to come together, conduct business and learn from each other.
  • ServSafe
    ServSafe Minimize Risk. Maximize Protection. For over 40 years, ServSafe® training programs have delivered the knowledge, leadership and protection that have earned the trust and confidence of business leaders everywhere.

National Restaurant Association - Why a cybersecurity plan makes sense for your restaurant

Skip to navigation Skip to content

News & Research

News RSS

Why a cybersecurity plan makes sense for your restaurant

You’ve seen the headlines about data breaches—the ever-growing problem of criminals hacking into businesses and government systems to steal sensitive data.

Now that threat is looming ever larger for restaurants of all sizes. Innovations in technology that have transformed the restaurant business are also increasing the risk of attack from cyber thieves.

The scary thing about cybercrime is that it is constantly evolving. Just a few years ago, high-profile cases like the Target data breach involved mostly payment card data. Today, hackers are looking for more than just credit card numbers; they’re after corporate secrets, confidential company financials and details about employees.

Think about your own operation. Through mobile applications and social media, you may be collecting guest data such as age, address, favorite orders and visit frequency. You likely track your food, beverage and labor costs, as well as your suppliers’ pricing. Your systems hold intellectual property like new recipes and business plans. You store employee and payroll information, and information on customer interactions.

All of this data is vulnerable.

Hackers know that you face time and resource constraints. They prey on businesses that are ill prepared for an attack.

Consider these sobering facts about data breaches:

  • A data breach can cost your business over $100,000 in losses, fines, forensics audits and brand damage. That’s an expense that many restaurants can’t survive.
  • There are 47 different state laws that require businesses to notify their customers in the event of data breach. If you are not able to notify your customers by mail or email (and many restaurants don’t have this information), you must inform the media in your state that you’ve had a breach! That’s right, you have to tell the world that you’ve been hacked.
  • A Ponemon Institute survey found that an organization’s brand value dropped 17-31 percent following a breach and that companies spent up to a year restoring their reputation.
  • The Verizon 2015 Data Breach Investigations Report found that in the hospitality industry there is a much higher likelihood of a data breach going undetected for months (78 percent) versus being discovered quickly. According to Verizon, the longer an attack goes unnoticed, the longer criminals have access to your systems and operations. “As a result,” Verizon said, “the potential for data theft and loss of information is significant.”

That’s why an ounce of prevention is worth a pound of cure. Just as you have made food safety an integral part of your quality assurance program, you need to make cybersecurity a part of your operation.

The National Restaurant Association has developed some resources to get you started. Its free guide, “Cybersecurity 101:  Toolkit for Restaurant Operators,” can help your restaurant implement an enterprise-wide cybersecurity program.

The guide is based on the National Institute for Standard & Technology’s Framework for Improving Cybersecurity in Critical Infrastructure (“NIST Framework”). That’s a long name for a simple, common-sense approach to assessing risk and protecting against cybercrime. At the Framework’s core are five steps: identify, protect, detect, respond and recover. Focusing on these five functions can help you create a cybersecurity blueprint for your restaurant.

To get more information, visit Restaurant.org/Cybersecurity.





Conserve RSS Healthcare RSS Conserve RSS

▲ Back to Top

New report

Spot Ad right

We're glad you're here!®

® 2012-2017 National Restaurant Association. All rights reserved.

2055 L St. NW, Suite 700, Washington, DC 20036
(202) 331-5900 | (800) 424-5156