Cybersecurity called imperative for independents
Wakefern’s Ken Grogan, Sendik’s Paul Doty, URM Stores’ Ray Sprinkle and First Data’s Paul Kleinschnitz.
The threat of data breaches is frightening to any company, but smaller organizations such as independent grocers face special challenges, according to an educational session on cybersecurity Tuesday at The NGA Show in Las Vegas.
About 90% of data breaches impact small merchants, and 70% of small business owners go out of business six months after a breach, according to Paul Kleinschnitz, SVP and general manager, cyber security solutions, First Data.
“The large guys aren’t going out of business,” he said. “We need to provide solutions from both business and cyber-protection standpoints.”
Kleinschnitz said that a surge in malware growth means thieves no longer need physical presences to cause great harm. Criminals monetize unencrypted credit- and debit-card data, and targets can go well beyond payments. Solutions such as PCI aren’t total answers by themselves. Multi-layered security approaches are needed, he said.
“Awareness and acknowledgement of the problem is a big challenge,” he emphasized.
Paul Doty, director of information technology, Sendik’s Food Markets, Milwaukee, advised companies to create cyber-disaster plans. “Keep track of everything that occurs,” he said. “Keep all logs, policies and procedures.”
He said security measures can be daunting for companies trying to stay on top of all developments.
“You probably don’t want to take this all on yourself,” he said. “Reach out to a security professional.”
Ray Sprinkle, president and CEO, URM Stores, a wholesaler operating in the Pacific Northwest, noted that his company was hit by a breach in 2013 and has since worked hard to bolster its security. He pointed to the benefits of point-to-point encryption because it makes data less valuable to thieves. He also urged companies to look beyond just credit and debit cards to evaluate all data in terms of what is most important to protect and encrypt.
Even after enhancing security, a company needs to be honest with customers in discussing vulnerabilities, Sprinkle said.
“Customers need to understand you can’t guarantee security,” he said. “You have to be careful in how you frame the discussion.”
The NGA session moderator was Ken Grogan, manager of treasury services, Wakefern Food Corp.