On March 21, 2022, President Biden spoke at a Business Roundtable’s CEO quarterly meeting. In his speech, he urged businesses to make sure they were digitally locked down and protected as intelligence reports suggest that Russia is considering launching cyberattacks against the U.S. These attacks are expected as a retaliation for the sanctions imposed upon their country and our continued support of Ukraine in the form of weapons and drones.
While no particular party or cybercrime has been uncovered, an increase in activity searching for vulnerabilities has been noted. Though the president was notifying CEOs of large corporations, including some companies responsible for critical infrastructure, cybercrime is on the upswing for all of us.
The Cybersecurity and Infrastructure Security Agency urged companies to back up their data, turn on multifactor authentication, and improve their cyber hygiene.
Cybercriminals Arise Amidst the Pandemic
As lockdowns escalated and people found themselves unexpectedly at home for days and then months, they turned to their internet-connected computers to continue working, entertain themselves, and stay abreast of new around the world. This increased internet activity gave cybercriminals increased targets, and they used them—targeting both large corporations and small to medium-sized businesses.
According to Forbes, about 281.5 million people were affected by a data breach in 2021, and cybercrime costs businesses around $1.79 million every minute. Even before the war with Ukraine began, companies were exponentially increasing their cybersecurity budgets. With the promise of acceleration, companies are quickening the pace to secure their cyber vulnerabilities.
Cybersecurity and Restaurants
Unfortunately, no type or size of business is invulnerable to these attacks. Criminal hackers access your network, computers, and data through email phishing and password and malware attacks.
The Verizon Data Breach Investigations Report examined 80,000 cybersecurity events and 5,000 data breaches. The number one entryway for these criminals was phishing attacks that tricked employees into sharing their login and personal information.
I’m sure you’ve seen them—the emails suggesting your system has been infiltrated or needs an upgrade. Or, worse, suddenly your screen goes blank, and a notification pops up from a trusted company to contact them for support. Only, it’s not a trusted company. Instead, it’s a criminal looking to take control of your computer and hold it for ransom or quickly infiltrate the system and obtain confidential data. According to SHRM, ransomware attacks cost companies, on average, $1 million in lost revenue, remediation, and ransom payouts.
According to Verizon’s report, 85 percent of breaches included a human element.
Improve Cyber Hygiene
Like personal hygiene, cyber hygiene cleans up the crumbs and ensures safe handling of a company’s critical data, taking the appropriate steps to secure networks. It prevents cybercriminals from breaching a company’s network or making it so difficult that they look elsewhere.
When you look at your growing digital world, you’ll be amazed at the potential avenues for attack. From computers to POS systems, mobile devices and servers, to software applications and digital menus, online ordering, and websites requiring customers’ emails and passwords for ordering—all of these can lead to vulnerabilities. In addition, your employees’ data can also be at risk. If a device is connected to the internet, it’s vulnerable.
A cyber hygiene assessment can scan your internet-connected devices and identify vulnerabilities by their level of risk, whether low, medium, high, or critical. These critical spaces can be addressed first, allowing operators to allocate their resources to the most vulnerable areas first.
Simple employee training can also go a long way in helping secure a restaurant from cybercriminals. They hesitate and then stop before clicking on a suspicious email link and updating the company’s software regularly. Security Scorecard offers a host of free cybersecurity training resources for businesses.
Masha Arbisman, behavioral engineering manager at Verizon Media, shared this with SHRM, “The conversation about data leakage has flipped from ‘if’ to ‘when’ a company will be breached by malicious actors. The fight against cyber breaches continues to depend on an organization’s ability to train and adapt its members’ behaviors to protect against actions such as credential theft, social engineering, and user error.”
