The National Restaurant Association (NRA) in the US has released a guide entitled Cybersecurity 101: A Toolkit for Restaurant Operators on the basics of implementing an enterprise-wide cyber security program to protect restaurants from data breaches.
“The digital age is transforming the way restaurants do business,” said Laura Chadwick, director of commerce and entrepreneurship.
“Innovations in technology have only just begun to help restaurateurs streamline operations, reduce their costs and bring more guests into their restaurants.”
“With opportunity comes risk. As we’ve seen in breaches recently, hackers are hungry for more than just payment card data; they can target all aspects of a restaurant’s business,” she says.
“To help restaurants face these growing cyber security risks, the National Restaurant Association has developed resources for restaurateurs to help them protect their entire operation through an enterprise-wide program.”
The guide details the impact that a data breach can have on restaurants – ranging from fines from credit card companies to legal and regulatory actions. In the forefront is action-oriented information about the five key elements of an enterprise-wide cyber security program, based on the National Institute for Standard & Technology’s Framework for Improving Cybersecurity in Critical Infrastructure (NIST Framework):
– identifying cyber risks;
– protecting against cyber risks;
– setting up procedures to detect a cyber-incident;
– responding to a cyber-incident; and
– recovering from a breach.
In addition to the guide, the NRA has convened a working group of member companies to formulate a detailed Cybersecurity Framework for the Restaurant Industry (CFRI) based on the NIST Framework.
The group will be working on specific standards, guidelines and best practices for enterprise-wide cyber security with restaurant companies.
NRA has also formed an alliance with the Retail Cyber Information Sharing Center (R-CISC).
R-CISC houses the Retail Information Sharing & Analysis Center (ISAC), which functions as a peer to peer forum for retailers to share threat information and practices and to enhance the security of the retail industry’s networks and protect consumer data.