In 2026, the jewelry retailer will celebrate a milestone only a small percentage of family-owned businesses survive to see.
Live from Conclave: Understanding Cybersecurity Risks
Do your employees understand when an email should raise alarm bells? And are you patching your software when prompted?
But that doesn’t mean a small business, like a family-owned jewelry store, can’t be hacked.
“Every organization is a target,” Mary Myers, an information security analyst with Jewelers Mutual Insurance Group, said. “There are just different rationales for why.”
Myers presented a breakout session Monday morning at Conclave outlining the cybersecurity risks businesses face and detailing what jewelers should do if they are hacked.
She started with social engineering and phishing.
Social engineering is the act of manipulating employees into doing something they otherwise would not do. Phishing is social engineering via email and can involve attachments, directing the recipient to fake websites, or fake emails.
Myers said phishing emails are often unexpected and written in a way that makes them seem urgent (your immediate reply is requested, etc.).
While they can contain misspellings and grammatical errors, she noted that hackers are getting smarter and cleaning up their emails so there are fewer of these. Phishing messages also can come from email addresses that are nearly identical to (or exactly the same as, which is called spoofing) those of people with whom the business owner and/or employees communicate regularly.
The emails try to bait the the receiver into replying and engaging in a conversation, opening an attachment or clicking a link for the purposes of installing malware on the business’ computer systems.
The malware widely in use by hackers right now is called ransomware, Myers said. Hackers lock victims’ computers with encryption and demand they pay a ransom, via Bitcoin, to get their data back.
Her initial recommendation is, of course, not to click on links or open the attachments in emails that seem suspicious. Delete the email, call the sender and ask if they sent that specific email with an attachment or consult IT support.
But that doesn’t always happen.
When a business owner or employee falls for a phish, Myers said options are somewhat limited.
She said what business owners should not do is pay, as there is no guarantee they will get their data back.
Jewelers also face cybersecurity risks from both employees and vendors/contractors who could accidentally load a virus onto a system by clicking a phishing link or visiting a disreputable site, or who could violate a business intentionally, by purposely loading or sending a virus or sharing sensitive customer information. Myers said business owners need to provide guidance to employees, vendors and contractors and to clearly define: what does acceptable internet use at the company look like?
While not heavily attended, the Conclave session did generate multiple questions from attendees.
One jeweler asked if should she turn off her servers at night to help protect against attacks. You can, Myers answered, but it won’t necessarily prevent anything, as some of this software is malware designed to enter the system and lie dormant until it can be activated.
Another asked if paid-for anti-virus software is better than free. Myers said anything that will help a business quarantine and clean up a virus is “great.” What will work best a particular business really depends on its size, needs and risk factors.
Myers wrapped up with a list of a half-dozen additional tips for increasing cybersecurity.
1. Keep an inventory of key systems and applications.
2. Keep an inventory of risks and threats, and use multiple layers of security.
3. Keep systems and devices patched.
All software has “gaps” that make it vulnerable to hackers, Myers said. “Patches” are released regularly by software companies and are intended to seal those gaps. Microsoft releases patches for its software on a monthly basis, but probably the most well-known example of a patch are the “updates” Apple regularly sends for iPhones and iPads.
“If you don’t close it,” Myers said of the gap, “you’re exposed. Patching is super, super critical.”
4. Back up systems and, Myers added, test the back-up.
Having a virus-infected system is going to create an “emotionally charged” situation. She said business owners don’t want that to be the first time they’ve ever walked through the process of employing their back-up.
5. Establish separation in key systems.
Business owners who host their own websites should separate it internally and not have it on the same server as the rest of their data. They also need to rotate job duties. They can’t “give the keys to the kingdom” to one person; hackers would have to have access to several people if there's separation.
Also, when someone leaves the company, take away their access to the company’s systems.
6. Train employees on cyber risks at least annually, if not quarterly.
In response to one jeweler’s question, Myers said business owners can require employees who connect personal devices to the store’s Wi-Fi to update those devices when prompted. She recommended writing it into the store’s policy.
The JSA also recently released a list of cybersecurity recommends, which was included in National Jeweler’s article about Saks getting hacked.
The Latest

Take a gaze at the sky with this pair of platinum diamond-set star earrings with blue lace agate drops.

Jeffrey Zimmer's decades of leadership at Reeds Jewelers are defined by integrity, a love of sourcing gemstones, and a heart for community.

You deserve to know what you are selling–to protect your customers as well as your business and your reputation.

The new high jewelry design and production process takes 30 days or less from concept to completion, the auction house said.


The holiday catalog for 2025 features never-before-seen images of more than 100 one-of-a-kind masterpieces.

The brand has released a second installment of its collection of traditional and non-traditional commitment heirlooms.

The upcoming show provides savvy retailers with the opportunity to stock their cases with best sellers in advance of the holiday season.

Corey rescued New England chain Day’s Jewelers, preserving its legacy with strong people skills, pragmatism, and a “get-it-done” attitude.

Charles Robinson Shay was sentenced to life in prison plus 120 years while his accomplice, Michael James McCormack, got 75 years.

Timepieces at Luxury will take place at The Venetian and, like Luxury, will be invitation-only for the first two days.

The auction house named a new global head of jewelry, as well as a new head of the jewelry department for the Americas.

As chairman of Schwanke-Kasten Jewelers, Tom Dixon has been tasked with honoring the past and shaping the future of the family-run store.

Katty Villapando Lyte and Mica Rencher received a $10,000 grant for their business, Shimmer Culture LLC.

The parents of the Dallas Mavericks rookie bought their engagement ring at a Day’s store in Bangor, Maine, in 1997.

The UK-based brand sourced the gemstones, which are fully traceable, from an artisanal mining community in Tanzania.

The trio of Advent calendars include a version with 18-karat gold and lab-grown diamond jewelry in a red lacquer jewelry box.

Created in collaboration with Nymphenburg Porcelain, the lock is part of a four-piece collection that took two years to bring to fruition.

Jewelry industry veteran Alisa Bunger has taken on the role.

The company and industry leader’s two-decade tenure with De Beers will come to a close at the end of the month.

“The Winter Egg” set the world auction record for a Fabergé piece twice at previous Christie’s sales.

The company will pay 1.5x silver’s current spot price for each pound of silver oxide batteries submitted.

The line includes a “Shadow” series crafted exclusively for the new men’s offering and reimagined styles from the brand’s core collections.

The rough on offer was recovered from a newer area at the Montepuez mine.

The retailer’s new collection of engagement rings and fashion jewelry is set with natural diamonds that are traceable via blockchain.

The champagne colorway in her newest “Ombré” collection combines white and trendy brown diamonds, a departure from her usual vibrant hues.

Kosann partnered with the Museum of Fine Arts, Boston, to create a set of necklaces inspired by the artwork on samurai sword handguards.