Skip Ribbon Commands
Skip to main content



 ‭(Hidden)‬ Catalog-Item Reuse

Keeping Up With Changing Technology Increases Cyber Risk for Restaurants

Increased reliance on mobile ordering and payments, QR code menus and Wi-Fi access for customers have opened the doors for many restaurants to become targets of cyberattacks.
Sponsored by
keeping up with changing technology increases cyber risk for restaurants

The restaurant industry is back! Well, almost. About three in four restaurant owners say business conditions are already close to pre-pandemic normal and their focus is on sustaining growth in the coming year, according to the National Restaurant Association

The industry is projected to reach sales of $993 billion in 2023 and with an expected addition of 500,000 new jobs, total employment is expected to reach 15.5 million, according to the National Restaurant Association. Additionally, research shows that restaurant traffic levels have returned to near pre-pandemic levels and restaurant owners are feeling optimistic about the future, according to the “Agency Forward Restaurant Survey" by Nationwide.

But the industry is not the same as it was before the pandemic forced restaurant owners to alter operations and quickly adopt technology as a life raft. As the restaurant industry also deals with inflation and supply-chain delays, the technology that kept many businesses afloat is now bringing equal concern.

“The restaurant market has changed a lot in the last three or four years with much more emphasis on takeout and delivery by third-party providers, such as DoorDash and Uber Eats," says Eric Coleman, senior vice president of small commercial, Nationwide. “People are increasingly coming back to restaurants as time goes by—it wasn't the thing to do in the past to get takeout or have it delivered from a nicer restaurant—that was more of a thing you did with pizza. Now it's a totally different world."

To survive during the coronavirus pandemic, many restaurants had to develop an online presence, add delivery, take orders over the phone and via an app, handle payments online or via a device. The byproduct? Cyber vulnerabilities.

Increased reliance on mobile ordering and payments, QR code menus and Wi-Fi access for customers have opened the doors for many restaurants to become targets of bad actors. “Almost a fifth of respondents to the Nationwide survey said that the reliance on technology is a primary risk in their restaurant today," Coleman says. “And even going beyond ransomware, social media and online reviews are also having an effect—positive and negative—on business owners."

Twenty-five percent of restaurant decision makers said a poor social media review was the biggest risk to their business, according to Nationwide. However, any public negativity associated with a cyberattack can be catastrophic.

“The reputational and financial impacts of a cyberattack can be significant and even result in putting the restaurant out of business," says William King, director, business owner policy underwriting, Progressive Insurance. “Ensuring the restaurant has appropriate insurance and a solid plan for handling cyberattacks, especially when customer information is involved, is a critical business practice."

Yet, the use of technology within the restaurant industry continues to be omnipresent. “Many of these technologies are important for the business's success and add significant efficiency to their operations, as well as enable growth," King says. “Restaurants transact much of their business via credit cards, both with their customers and with their suppliers and vendors. This means they store a high volume of personally identifiable information."

The risks, both financially and to their reputation, are high. For restaurants, dealing with the security of debit and credit cards from hundreds of different financial institutions in the course of their daily operations can be a key area of vulnerability.

And it's not just the small operations that are vulnerable. In 2015 and 2016, more than 1,000 Wendy's franchises suffered a cyberattack, which eventually led to a class-action lawsuit by financial institutions alleging that Wendy's failed to safeguard customer payment card information and failed to provide notice that payment card information had been compromised.

“Data breaches will typically require the restaurant to notify their customers and hire a forensics firm to resolve the issue. These breaches can become very costly to fix," King says. “On top of the handling and fixing costs, restaurants could be forced to slow or halt operations, resulting in loss of income." For many small businesses, this could mean the end of operations.

Olivia Overman is IA content editor.

Monday, July 24, 2023
Big I Markets