As Covid-19 continues to disrupt normal industry operations, thousands of restaurants across the country are pivoting to a delivery or pickup-only business model stay in business, often with a heavy reliance on online orders and digital payment. Doing so is also creating a host of new cybersecurity risks for these owner/operators, according Restaurant Guard Insurance Vice President and Program Director Crystal Jacobs, as less than half of restaurant owners currently carry cyber insurance coverage.
“March alone saw a 600 percent increase in email phishing scams, whereby criminals send employees official-looking emails in an attempt to obtain accounts passwords, sensitive data or access to internal systems. This pandemic is making it even more clear that every restaurant accepting online orders must protect its customers with a robust cybersecurity program and protect its own financial and legal interests with a cyber insurance policy.”
For most restaurants, a minimum premium for a cyber insurance policy may be as little as $800 per year, providing major protections and digital expert assistance for about $67 per month. That is cheaper than most restaurants’ weekly cost for food waste. Policy costs may reflect the level of cyber security already in place, so establishments with strong firewalls and two-factor authentication logins may receive lower premiums than a less-prepared restaurant.
“What makes a good cyber insurance policy truly worth the investment is the response team that’s provided after a claim is filed,” she emphasized. “It’s not simply an insurance agent going through the motions, but a full team of dedicated professionals from both the insurance provider and a digital security firm who root out hackers and breaches and help develop more secure internal processes to protect against future attacks.
Digital breaches can have severe effects on a business, ranging from loss of customer trust to prolonged law enforcement investigations to customer lawsuits. In an already challenging business environment, owners don’t have room for secondary interruptions that could further hamper sales or reputation. Ransomware is another top concern, which occurs when a criminal gains access to a business’ computer network, then locks the owners out of their own systems and demands a ransom payment to give back access.
Both ransomware and phishing attacks rely on human error and weaknesses in cybersecurity protocols to gain system access. As more sales are being transacted online, consolidating more data and requiring more employees to have access, the opportunities for digital breaches grow.
Most major insurers offer policies that provide financial and legal protection from cyber threats such as data theft or ransomware. If a cyberattack occurs, properly insured companies may receive financial compensation, but even more importantly can be given access to a professional digital security firm that provides services such as a comprehensive risk assessment, security awareness training and assistance in dealing with law enforcement. Specifics will of course depend on the distinct policy and insurer. Many policies also include provisions to handle potential customer lawsuits over privacy violations.
As the trends toward digital payments and data collection continue to accelerate, cybersecurity and cyber insurance are quickly becoming some of the most important factors in a restaurant’s long-term operational success. It’s important for each restaurant owner to speak with their insurance provider about what coverages are offered, what specific processes are put in place after a claim, and if there is any immediate need to bolster their digital security. This is especially vital for restaurants offering online ordering and storing sensitive customer data for the first time.