By JILL WHITE
Restaurants build their reputation on a number of criteria -- the quality of the food, of course, but also characteristics including service, convenience, consistency, price, cleanliness, location, atmosphere and ... cyber security?
OK, maybe not that last one. But while cyber security isn't something on which a restaurant builds its business, the lack of a solid cyber security program -- including cyber insurance -- can cause an otherwise successful eatery to fail.
Cyber insurance is readily available through all major commercial providers but typically is not included in a general liability policy. Most major chains -- mindful of cyber attacks on such well-known industry names as Subway, P.F. Chang's and Dairy Queen -- protect themselves with cyber insurance, but many smaller, independent restaurants do not.
Those who don't are taking a big risk. While attacks on big companies draw more media coverage, smaller businesses typically are more vulnerable to attack and invariably have fewer resources to help them recover from the damage a breach can cause.
The website Law360 does an excellent job of explaining restaurants' vulnerability to cyber crime and the protection cyber insurance provides. A key passage:
"Entities that process, store or transmit cardholder data are required to comply with the Payment Card Industry Data Security Standards to protect cardholder data, and the failure to do so may result in fines. In the event of a breach, the contract between a credit card processing company and a merchant may permit the processing company to collect and hold back funds from the merchant’s credit card transactions, thereby creating a cash flow deficiency. Given the unexpected cost associated with a security breach, the potential decline in business and a hold-back of funds, a single breach could threaten the future existence of a company."
Security breach through credit card transactions is just one cyber risk restaurants face in today's online world. If you operate a restaurant, you may take reservations online, accept take-out orders online, promote yourself online with a website and social media pages -- all of which are vital and perhaps necessary to the success of your business, but each of which could allow a criminal or merely careless visitor to bring business to a halt.
Here are nine reasons why your restaurant needs cyber insurance (the first six for first-party exposures, the last three for third-party liability):
- Vulnerability due to point-of-sale credit card transactions: Owners of cash-only operations can move right on to Reason No. 2, but most restaurants deal in plastic, having determined that the convenience to customers far outweighs the red tape, fees and risks that come with credit cards. That generally makes business sense -- but only if the restaurant is protected by cyber insurance. Unprotected, your business could be subject to crippling fines and fees as the result of theft resulting from credit card fraud.
- Business interruption: A breach that prevents you from accepting online reservations or take-out orders, or that prevents you from processing credit card transactions -- even for a short time -- could result in costly and potentially long-term loss of business. Business interruption coverage protects you against losses incurred during the time you're out of operation due to computer disruption.
- Breach-notification: As noted in the aforementioned Law360 post, the Ponemon Institute reported that the cost of notification -- which, again, is mandated by law -- in 2014 averaged $510,000 per breach. That hurts. Combine that expense with the other costs resulting from a breach, and the wounds could be fatal.
- Crisis-management: One of the biggest consequences of a data breach is the damage done to a business' reputation. Most cyber insurance policies can help you fund a marketing campaign to re-establish your customers' trust and even help you attract new business. Many also cover pre-event expenses for identifying vulnerabilities, responses and forensic experts.
- Cyber extortion: What do you do if a hacker gains control of your restaurant's computer system and threatens to release your customers' stolen personal information or essentially holds your business hostage unless you pay a ransom? You can call his bluff and attempt to ride out the lack of cyber access until the problem is fixed, or you can pay the ransom. Terrible as the option is, you're probably going to pay the ransom. Cyber extortion covers the expense.
- Computer disruption: Physical damage from a computer violation -- whether by an outside cyber intruder or disgruntled employee -- that necessitates replacing or repairing computer programs, software or hardware is covered if this is part of your cyber insurance program.
- Privacy liability: If you suffer a breach that leads to customers' stolen financial data to be used for unauthorized credit card purchases, you're protected against settlements and judgments resulting from damages if you have this form of coverage.
- Security liability: Infiltration of your communications network could lead to a third-party breach and a claim against your restaurant.
- Internet/social media liability: Websites and social media are great marketing tools for restaurants, but they also open the door to mistakes and mischief. A logo that too closely resembles that of another company, a photo deemed guilty of copyright infringement, inadvertently published personal information or a libelous comment -- all could prove very expensive without the right insurance coverage.
What are your restaurant's needs and vulnerabilities? At Sylvia Group, we'll work with you to design a cyber insurance program that's as unique as your business. As an independent agency, we work with multiple companies, which means we can put your coverage out to bid, reducing your cost of risk in the cyber insurance marketplace. The result of the process is a policy that meets your needs, fits your budget and -- most important -- protects your future.
To review your coverage and discuss how we can work together to ensure the success of your restaurant, contact me. We'll provide you with the protection and peace of mind that will keep your focus where it belongs: on providing a great dining experience.
About Jill White: Licensed as a Massachusetts Producer for property and casualty, life, and accident and health insurance, and certified as a Construction Risk Insurance Specialist (CRIS) and Workers Compensation Advisor (CWCA), Jill combines insurance training with knowledge gained from 15 years in the financial services industry to develop a thorough understanding of each client’s unique business needs and challenges.
Devoted to protecting her clients, their businesses and everything they’ve worked hard to achieve, Jill conducts a full and thorough review of each business to ensure clients understand exactly what they’re paying for: which risks and exposures are covered, which aren’t and what gaps may exist. She then explores all available options and works with the client to design the insurance program that best fits the business’ strategic plans and goals.
Before joining Sylvia Group, Jill worked for Webster Bank, where she was a vice president and branch manager. While there, she became certified in Moody’s Analytics and a Registered Representative with Series 6 and 63 licenses. She is a Notary Public.
A graduate of Southern New Hampshire University and dedicated volunteer in her community, Jill is Vice President of Downtown New Bedford, Inc. and is active in the New Bedford Area Chamber of Commerce and Relay for Life of New Bedford. She, husband Andrew and son Jackson also have served as host family to members of the New England Collegiate Baseball League’s New Bedford Bay Sox.
About Sylvia Group: Founded in 1950, headquartered between New Bedford and Fall River in Dartmouth, MA, and serving businesses and individuals throughout Massachusetts, Rhode Island and beyond, Sylvia Group is a third-generation, locally owned agency certified as a Woman Owned Business Enterprise with the State Office of Minority and Women Business Assistance (SOMWBA).
Along with property and casualty insurance and risk-management services for businesses and individuals, the agency’s product offering includes employee benefit design and implementation as well as financial planning services, investment products, life insurance and long-term care insurance. In 2014, Sylvia Group became the first six-time winner of the Five Star designation awarded by the Massachusetts Association of Insurance Agents (MAIA) for all-around agency excellence.