Events & Awards

Live from Conclave: Understanding Cybersecurity Risks

Events & AwardsApr 25, 2018

Live from Conclave: Understanding Cybersecurity Risks

Do your employees understand when an email should raise alarm bells? And are you patching your software when prompted?

Nashville, Tenn.—The hacks that make headlines are the ones that involve big companies and thousands, if not millions or billions, of files of customer data—Equifax, Yahoo and, most recently, Saks Fifth Avenue and Lord & Taylor. 

But that doesn’t mean a small business, like a family-owned jewelry store, can’t be hacked. 

“Every organization is a target,” Mary Myers, an information security analyst with Jewelers Mutual Insurance Group, said. “There are just different rationales for why.” 

Myers presented a breakout session Monday morning at Conclave outlining the cybersecurity risks businesses face and detailing what jewelers should do if they are hacked.

She started with social engineering and phishing. 

Social engineering is the act of manipulating employees into doing something they otherwise would not do. Phishing is social engineering via email and can involve attachments, directing the recipient to fake websites, or fake emails.

Myers said phishing emails are often unexpected and written in a way that makes them seem urgent (your immediate reply is requested, etc.).

While they can contain misspellings and grammatical errors, she noted that hackers are getting smarter and cleaning up their emails so there are fewer of these. Phishing messages also can come from email addresses that are nearly identical to (or exactly the same as, which is called spoofing) those of people with whom the business owner and/or employees communicate regularly. 

The emails try to bait the the receiver into replying and engaging in a conversation, opening an attachment or clicking a link for the purposes of installing malware on the business’ computer systems.

The malware widely in use by hackers right now is called ransomware, Myers said. Hackers lock victims’ computers with encryption and demand they pay a ransom, via Bitcoin, to get their data back. 

Her initial recommendation is, of course, not to click on links or open the attachments in emails that seem suspicious. Delete the email, call the sender and ask if they sent that specific email with an attachment or consult IT support.

But that doesn’t always happen.

When a business owner or employee falls for a phish, Myers said options are somewhat limited. 

She said what business owners should not do is pay, as there is no guarantee they will get their data back. 
They should stop their system backup, wipe infected systems and devices, and restore using what was backed up before the malware was installed. (Systems need to be backed up regularly. Myers recommends having a set, repeating cycle; for example, it backs up every day at midnight.)

Jewelers also face cybersecurity risks from both employees and vendors/contractors who could accidentally load a virus onto a system by clicking a phishing link or visiting a disreputable site, or who could violate a business intentionally, by purposely loading or sending a virus or sharing sensitive customer information. Myers said business owners need to provide guidance to employees, vendors and contractors and to clearly define: what does acceptable internet use at the company look like?

While not heavily attended, the Conclave session did generate multiple questions from attendees.

One jeweler asked if should she turn off her servers at night to help protect against attacks. You can, Myers answered, but it won’t necessarily prevent anything, as some of this software is malware designed to enter the system and lie dormant until it can be activated.

Another asked if paid-for anti-virus software is better than free. Myers said anything that will help a business quarantine and clean up a virus is “great.” What will work best a particular business really depends on its size, needs and risk factors.

Myers wrapped up with a list of a half-dozen additional tips for increasing cybersecurity.
1. Keep an inventory of key systems and applications.

2. Keep an inventory of risks and threats, and use multiple layers of security.

3. Keep systems and devices patched.

All software has “gaps” that make it vulnerable to hackers, Myers said. “Patches” are released regularly by software companies and are intended to seal those gaps. Microsoft releases patches for its software on a monthly basis, but probably the most well-known example of a patch are the “updates” Apple regularly sends for iPhones and iPads.
 
“If you don’t close it,” Myers said of the gap, “you’re exposed. Patching is super, super critical.”

4. Back up systems and, Myers added, test the back-up.

Having a virus-infected system is going to create an “emotionally charged” situation. She said business owners don’t want that to be the first time they’ve ever walked through the process of employing their back-up.

5. Establish separation in key systems.

Business owners who host their own websites should separate it internally and not have it on the same server as the rest of their data. They also need to rotate job duties. They can’t “give the keys to the kingdom” to one person; hackers would have to have access to several people if there's separation.

Also, when someone leaves the company, take away their access to the company’s systems.

6. Train employees on cyber risks at least annually, if not quarterly.

In response to one jeweler’s question, Myers said business owners can require employees who connect personal devices to the store’s Wi-Fi to update those devices when prompted. She recommended writing it into the store’s policy.

The JSA also recently released a list of cybersecurity recommends, which was included in National Jeweler’s article about Saks getting hacked.

Michelle Graffis the editor-in-chief at National Jeweler, directing the publication’s coverage both online and in print.

The Latest

Movado Connect 2.0 watches
FinancialsMay 30, 2025
Movado’s Q1 Sales Slip Amid ‘Challenging’ Retail Environment

The company plans to raise the prices of select watches to offset the impact of tariffs.

Zoë Chicco Bracelets
Policies & IssuesMay 30, 2025
Tariffs & Designers: Navigating Pricing in an Unstable Environment

Between tariffs and the sky-high cost of gold, designers enter this year’s Las Vegas shows with a lot of questions and few answers.

Renato Cipullo Hematite Blaze Necklace
CollectionsMay 30, 2025
Piece of the Week: Renato Cipullo’s ‘Hematite Blaze’ Necklace

Designed by founder Renato and his daughter Serena Cipullo, it showcases a flame motif representing unity and the power of gathering.

Article Image 1.png
Brought to you by
Clienteling Isn’t a Buzzword. It’s an Essential Business Model.

More shoppers are walking out without buying. Here’s how smart jewelers can bring them back—and the tool they need to do it right.

Stock image of shipping containers
Policies & IssuesMay 30, 2025
Trade Court Declares Trump’s Tariffs Invalid

However, the tariffs remain in effect in the short term, as an appeals court has stayed the U.S. Court of International Trade’s decision.

Weekly QuizMay 30, 2025
This Week’s Quiz
Test your jewelry news knowledge by answering these questions.
Take the Quiz
Britney Spears
CollectionsMay 29, 2025
Britney Spears Files Trademark for New Jewelry Line

The pop icon is one step closer to launching her “B Tiny” jewelry collection, a collection she first began posting about last fall.

Inoveo Platinum Grain image.jpg
Supplier BulletinMay 29, 2025
Inoveo Platinum Grain, Exclusively Distributed by Stuller

Sponsored by Stuller

antique_Vegas_2024_by_headshot_stories_9454.jpg
Brought to you by
Las Vegas Antique Jewelry & Watch Show: Showcasing the Most Collectible Merchandise from Across the Globe

Gain access to the most exclusive and coveted antique pieces from trusted dealers during Las Vegas Jewelry Week.

Grizzly Mining Pilala emerald
SourcingMay 29, 2025
Grizzly Auctions 6,620-Carat Emerald

It was featured in the miner’s latest sale, which brought in $24.8 million.

GemFind Logo
TechnologyMay 29, 2025
GemFind Launches AI Product Description Software

GemText AI uses artificial intelligence to generate tailored product titles, descriptions, and tags with jewelry-specific language.

Graff Fontainebleau Las Vegas
MajorsMay 28, 2025
Graff Unveils New Las Vegas Flagship

The 3,300-square foot location is the jeweler's largest store in North America.

Kim Kardashian
CrimeMay 28, 2025
8 Convicted in Kim Kardashian Jewelry Heist Trial

Aging and with myriad health issues, none will serve time for their roles in robbing the billionaire celebrity at gunpoint in 2016.

New York Liberty 2024 WNBA Championship Ring
CollectionsMay 28, 2025
NY Liberty’s 2024 Championship Rings Honor Historic Win

The WNBA team received rings imbued with meaning, from leaf motifs and its Liberty torch to the number of diamonds used.

Jewelers Board of Trade logo
MajorsMay 28, 2025
Andrew Rickard Named JBT President

A longtime executive at RDI Diamonds, Rickard has served on the JBT board for the past five years.

Logos for Manufacturing Jewelers & Suppliers of America and Jewelers of America
MajorsMay 27, 2025
MJSA to Become Part of Jewelers of America

The two organizations have signed an affiliation agreement that’s expected to be finalized in the coming weeks.

Al Capone Pocket Watch
AuctionsMay 27, 2025
Al Capone’s Patek Philippe Pocket Watch Back Up for Auction

The platinum and diamond watch is part of Sotheby’s upcoming Important Watches sale.

Kat Florence Lumina
AuctionsMay 27, 2025
182-Carat Paraíba-Type Tourmaline Sells for $487K

Recovered in Mozambique, “The Kat Florence Lumina” was part of Bonhams’ Hong Kong jewelry auction held last week.

Mark Henry Gumdrop Bypass Ring
TrendsMay 27, 2025
Amanda’s Style File: Candy-Colored Gemstones

Get a taste of the delicious candy-like gemstones in this Amanda’s Style File.

Stock image of police cars with their lights on
CrimeMay 23, 2025
JSA Shares Holiday Weekend Security Tips Amid Spike in Burglaries

JSA’s Scott Guginsky provided a list of nine security measures jewelers should observe while locking up for the long weekend.

Bliss Lau Bright Ring
CollectionsMay 23, 2025
Piece of the Week: Bliss Lau’s ‘Bright’ Ring

From Lau’s “Love of a Kind” series, the engagement ring was inspired by the moon and holds a different meaning depending on how it is worn.

GIA pearl report
GradingMay 23, 2025
GIA Updates Pearl Classification System

The lab has adjusted the scale it uses for nacre grading.

GCALbySarine Diamond Journey Certificate_1872x1052.jpg
Supplier BulletinMay 22, 2025
How to Put Natural Diamonds Back in the Spotlight

Sponsored by GCAL by Sarine

The late West Virginia jeweler David Ettinger
CrimeMay 22, 2025
NY Jeweler Sentenced in Shoving Death of Colleague at IJO Show

David Walton will serve three years’ probation after an incident in a hotel bar led to the death of West Virginia jeweler David Ettinger.

Watches of Switzerland store in Mall of America
FinancialsMay 22, 2025
Watches of Switzerland’s Full-Year U.S. Sales Climb 14%

The retailer also provided an update on how the tariffs situation in the U.S. is affecting its business.

Jorge Adeler, Wendy Adeler, Valentina Adeler
IndependentsMay 22, 2025
Adeler Jewelers Celebrates 50 Years

The family-owned jeweler in Great Falls, Virginia, will be celebrating its golden jubilee with a year’s worth of events.

MJSA 2025-2026 Buyer’s Guide
MajorsMay 22, 2025
MJSA Releases 2025-2026 Buyer’s Guide

This year’s edition includes articles on the favorite tools of notable designers, evaluating when to outsource production, and more.

Bulgari Invisible Violet Necklace and Rainbow Flow Necklace
CollectionsMay 21, 2025
Bulgari Highlights Its Colorful Past in Phenomenal ‘Polychroma’ Collection

The jeweler’s high jewelry collection features extraordinary gemstones, like a 241.06-carat emerald and the world’s fourth-largest spinel.

×

This site uses cookies to give you the best online experience. By continuing to use & browse this site, we assume you agree to our Privacy Policy