Do You Have the Funds to Survive a Data Breach? Most People Don’t
A recent research study by IBM Security estimates that the average cost of a data breach is $4.7 million. Each stolen record will cost a company $141, and the average size of data breaches according to a 2017 study, is 24,000 records. If you multiply $141 x 24,000 records you have incurred $33,840 worth of notification and recouping costs for your restaurant.
Do you have the funds to survive a data breach? Most people don’t!
What Is a Data Breach?
Anytime cybersecurity measures fail and information gets put into the wrong hands would be considered a data breach. For example, a hacker gaining access to your point of sale (POS) system and stealing credit card information. Or, you click on a suspicious email and now a hacker has access to all of your personal documents concerning patrons and employees. Oftentimes, the hacker could be a disgruntled former employee. Sometimes the devil you know is more dangerous than the devil you don’t know.
Impact on Your Restaurant
Besides the financial impacts on your restaurant, your reputation or ideas could be impacted as well!
Since you are required to disclose a data breach to those affected; patrons who were once repeat customers may no longer frequent your business because they view you as unsafe. They could leave you a negative review on social media, or they could go out of their way NOT to recommend you to friends or family. If you were hacked by an unscrupulous competitor, your ideas could be stolen, which makes it difficult to gain an edge in the marketplace again.
These are the soft costs that cannot be calculated. The hard costs are already hard enough. Most businesses can’t redeem themselves from the soft costs as well.
Data Breach Response Plan
With all the risk associated with data breaches, it’s important to have both a preventative and actionable plan in place that addresses a) how to avoid data breaches and b) how to handle a data breach should one occur.
- Never use weak passwords for POS systems, CRM software, or computers.
- Only retain what you need. Don’t keep needless sensitive information and always destroy before disposal.
- ID systems should not be based on sensitive information, such as social security numbers, employee IDs, or last names.
- Encrypt sensitive information and only allow encrypted information to be downloaded to portable media such as flash drives or CDs.
- Purchase cyber liability insurance
Purchasing Cyber Liability Insurance
All the prevention in the world won‘t help when you have a data breach. Good cybersecurity practices are imperative to protect your patrons and your business.
A cyber liability policy covers basic legal fees and expenses, customer notification and restoration of stolen identities, recovering compromised data, and reparation of damaged computer systems. All the things that YOU can’t pay for on your own!
To get cyber liability insurance, fill out our free online form or contact Brian Kilcoyne at 617-612-6515.
