The National Restaurant Association recently released a new guide for restaurant operators looking for more information on how to increase their cybersecurity efforts.
In 2015, the National Restaurant Association released its first manual for restaurant owners called “Cybersecurity 101: A Toolkit for Restaurant Operators” [PDF] which outlined best practices on five core areas of cybersecurity planning. This past month, the National Restaurant Association built on this manual with the release of “Cybersecurity 201: The Next Step,” [PDF] which provides restaurant-specific type guidance. The National Restaurant Association utilized the expertise of technology personnel from top multi-unit restaurant companies. The guide is a must-read for any franchise system in the food service space.
The guide takes the cybersecurity framework prepared by the National Institute of Standards and Technology (NIST) and adapts it for use in the restaurant hospitality industry. Restaurant franchise systems can learn how to apply the NIST standards by reviewing the real world hypotheticals.
For example, there is “Sam” whose restaurant experiences a data compromise of customer credit cards. After a forensic team descends on his business, Sam quickly realizes how little he understands about who has access to his computer software, which vendors service his POS Systems and how often he upgrades hardware. The result? Sam lost loyal customers and was slapped with a hefty fine from his credit card processors.
In addition to three other nicely detailed case studies, the guide shows how almost 100 different NIST categories can be applied in a restaurant setting, grades cybersecurity action items from most to least urgent and provides a glossary of cybersecurity terms. Even the most cyber savvy restaurant systems should find the guide full of useful information.