HR & Benefits News is a monthly column by Chris Cooley, co-founder of MyHRConcierge and SMB Benefits Advisors.
No grocer—small or large—is immune to cyber villains. According to Trend Micro’s Cyber Risk Index (CRI), “80 percent of U.S. businesses expect a critical breach in 2019.” The consequences of a data breach to your business, workforce and customers can be brutal.
At stake: your customers, reputation and more
Grocers and other retailers who suffer a cyber attack could lose about 20 percent of their shoppers, according to KPMG’s Consumer Loss Barometer.
“Consumers are clearly demanding that their information be protected and they’re going to let their wallets do the talking,” said Mark Larson, global head of KPMG’s retail industry practice. He warns retailers that they’re taking a “big gamble” if they don’t make cyber security a priority.
The costs of a data breach can quickly pile up, including direct financial loss (i.e. theft of financial records, trade secrets, etc.); regulatory fines and legal costs; lost customers; tarnished reputation; disruption to your business; legal costs due to breached employee and customer records; and taking corrective action including notification costs, credit card reissues, identity repair, credit monitoring, etc.
Workers play a key role
Employees, along with other Insiders—suppliers, consultants and contractors—are a key source of security incidents, according to PWC’s The Global State of Information Security Survey 2018. It is crucial grocers recognize the role Insiders play and prepare them to combat cyberattacks.
Equip workers to identify, avoid, report threats
Here are three affordable steps to ready your workforce to thwart cyber villians:
- Conduct background checks—Thorough, accurate and complete background checks are an inexpensive way to help avoid hiring someone who poses a security threat;
- Educate workers about cyber security realities—Online interactive training is an effective yet affordable way to teach the different types of cyberattacks, the impact and the role of each person to avoid risk. For example, “Cybersecurity for Employees” is a group of e-learn courses that teach the following: dangers of cybercrime to companies, its customers and its employees; best practices to keep electronic and physical information secure; how to recognize different types of cybercrime; how to respond to cyberattacks (i.e. phishing, social media); 10 cybersecurity tips; and safe internet and email use.
Give them tools to protect your cybersecurity
The right HR help line offers supervisors help on how to handle behavior that invites cybersecurity breaches. Anonymous tip lines give insiders—employees, suppliers and workers—a safe place to report cybersecurity concerns. Adding data security policies to your employee handbook lets workers know cybersecurity is everyone’s responsibility—not just IT’s.
Chris Cooley is co-founder of MyHRConcierge and SMB Benefits Advisors. MyHRConcierge specializes in helping small to mid-sized grocers throughout the U.S. He can be reached at 855-538-6947, ext. 108 or at [email protected]