Events & Awards

Live from Conclave: Understanding Cybersecurity Risks

Events & AwardsApr 25, 2018

Live from Conclave: Understanding Cybersecurity Risks

Do your employees understand when an email should raise alarm bells? And are you patching your software when prompted?

Nashville, Tenn.—The hacks that make headlines are the ones that involve big companies and thousands, if not millions or billions, of files of customer data—Equifax, Yahoo and, most recently, Saks Fifth Avenue and Lord & Taylor. 

But that doesn’t mean a small business, like a family-owned jewelry store, can’t be hacked. 

“Every organization is a target,” Mary Myers, an information security analyst with Jewelers Mutual Insurance Group, said. “There are just different rationales for why.” 

Myers presented a breakout session Monday morning at Conclave outlining the cybersecurity risks businesses face and detailing what jewelers should do if they are hacked.

She started with social engineering and phishing. 

Social engineering is the act of manipulating employees into doing something they otherwise would not do. Phishing is social engineering via email and can involve attachments, directing the recipient to fake websites, or fake emails.

Myers said phishing emails are often unexpected and written in a way that makes them seem urgent (your immediate reply is requested, etc.).

While they can contain misspellings and grammatical errors, she noted that hackers are getting smarter and cleaning up their emails so there are fewer of these. Phishing messages also can come from email addresses that are nearly identical to (or exactly the same as, which is called spoofing) those of people with whom the business owner and/or employees communicate regularly. 

The emails try to bait the the receiver into replying and engaging in a conversation, opening an attachment or clicking a link for the purposes of installing malware on the business’ computer systems.

The malware widely in use by hackers right now is called ransomware, Myers said. Hackers lock victims’ computers with encryption and demand they pay a ransom, via Bitcoin, to get their data back. 

Her initial recommendation is, of course, not to click on links or open the attachments in emails that seem suspicious. Delete the email, call the sender and ask if they sent that specific email with an attachment or consult IT support.

But that doesn’t always happen.

When a business owner or employee falls for a phish, Myers said options are somewhat limited. 

She said what business owners should not do is pay, as there is no guarantee they will get their data back. 
They should stop their system backup, wipe infected systems and devices, and restore using what was backed up before the malware was installed. (Systems need to be backed up regularly. Myers recommends having a set, repeating cycle; for example, it backs up every day at midnight.)

Jewelers also face cybersecurity risks from both employees and vendors/contractors who could accidentally load a virus onto a system by clicking a phishing link or visiting a disreputable site, or who could violate a business intentionally, by purposely loading or sending a virus or sharing sensitive customer information. Myers said business owners need to provide guidance to employees, vendors and contractors and to clearly define: what does acceptable internet use at the company look like?

While not heavily attended, the Conclave session did generate multiple questions from attendees.

One jeweler asked if should she turn off her servers at night to help protect against attacks. You can, Myers answered, but it won’t necessarily prevent anything, as some of this software is malware designed to enter the system and lie dormant until it can be activated.

Another asked if paid-for anti-virus software is better than free. Myers said anything that will help a business quarantine and clean up a virus is “great.” What will work best a particular business really depends on its size, needs and risk factors.

Myers wrapped up with a list of a half-dozen additional tips for increasing cybersecurity.
1. Keep an inventory of key systems and applications.

2. Keep an inventory of risks and threats, and use multiple layers of security.

3. Keep systems and devices patched.

All software has “gaps” that make it vulnerable to hackers, Myers said. “Patches” are released regularly by software companies and are intended to seal those gaps. Microsoft releases patches for its software on a monthly basis, but probably the most well-known example of a patch are the “updates” Apple regularly sends for iPhones and iPads.
 
“If you don’t close it,” Myers said of the gap, “you’re exposed. Patching is super, super critical.”

4. Back up systems and, Myers added, test the back-up.

Having a virus-infected system is going to create an “emotionally charged” situation. She said business owners don’t want that to be the first time they’ve ever walked through the process of employing their back-up.

5. Establish separation in key systems.

Business owners who host their own websites should separate it internally and not have it on the same server as the rest of their data. They also need to rotate job duties. They can’t “give the keys to the kingdom” to one person; hackers would have to have access to several people if there's separation.

Also, when someone leaves the company, take away their access to the company’s systems.

6. Train employees on cyber risks at least annually, if not quarterly.

In response to one jeweler’s question, Myers said business owners can require employees who connect personal devices to the store’s Wi-Fi to update those devices when prompted. She recommended writing it into the store’s policy.

The JSA also recently released a list of cybersecurity recommends, which was included in National Jeweler’s article about Saks getting hacked.

Michelle Graffis the editor-in-chief at National Jeweler, directing the publication’s coverage both online and in print.

The Latest

Khepri Jewels Luna collection fancy color fringe multi-shape drop diamond earrings
EditorsJun 24, 2025
The Best New Jewelry from Couture 2025, Part 2

Associate Editor Natalie Francisco shares 20 additional pieces that stood out to her at the Couture show.

Lori Tucker
IndependentsJun 24, 2025
Colorado Bench Jeweler Celebrates 50 Years With Local Retailer

Lori Tucker started at Williams Jewelers when she was 18 years old.

“Marvel | Citizen Zenshin” watch for the new The Fantastic Four movie
WatchesJun 24, 2025
Citizen’s New ‘Fantastic Four’ Watch Is Literally Super

The “Marvel | Citizen Zenshin” watch is crafted in Super Titanium and has subtle nods to all four “Fantastic Four” superheroes on the dial.

an instructor and a student in a bench jewelry classroom
Brought to you by
Investing in the Next Generation of Bench Jewelers

The Seymour & Evelyn Holtzman Bench Scholarship from Jewelers of America returns for a second year.

XO Tacori diamond ring
MajorsJun 24, 2025
Tacori, QVC to Launch Exclusive Lab-Grown Diamond Jewelry Collection

The “XO Tacori” collection was designed to blend luxury and accessible pricing.

Weekly QuizJun 20, 2025
This Week’s Quiz
Test your jewelry news knowledge by answering these questions.
Take the Quiz
Pritesh Patel
GradingJun 23, 2025
GIA Names New President and CEO

Pritesh Patel, the lab’s chief operating officer, will take over as president and CEO of GIA.

Graphic for Las Vegas recap episode of “My Next Question”
Recorded WebinarsJun 23, 2025
Watch: Top Trends at Couture, JCK Las Vegas 2025

National Jeweler and Jewelers of America discuss the standout jewelry trends and biggest news to emerge from the shows this year.

Jewelers of America logo with meetup, State of the Majors, giveaway and massages
Brought to you by
Jewelers of America is Headed to Las Vegas for JCK 2025

The countdown is on for the JCK Las Vegas Show and JA is pulling out all the stops.

Luanda Accord
SourcingJun 23, 2025
Diamond Producers, Organizations to Kick in Money to Promote Natural Diamonds

Signatories to the “Luanda Accord” committed to allocating 1 percent of annual diamond revenue to the Natural Diamond Council.

Single Stone Bryn Ring and Grace Lee Marquise Demi Demi Ring
TrendsJun 20, 2025
Dua Lipa Stays On-Trend With Chunky Engagement Ring

The singer’s ring ticks off many bridal trends, with a thick band, half-bezel setting, and solitaire diamond.

Yvonne Léon Python Gold Bracelet
TrendsJun 20, 2025
Piece of the Week: Yvonne Léon’s ‘Python Gold’ Bracelet

The bracelet references vintage high jewelry and snake symbolism as a playful piece where a python’s head becomes a working belt buckle.

Stock image of handcuffs
CrimeJun 18, 2025
7 Men Indicted in $100M Brinks Jewelry Heist

The heist happened in Lebec, California, in 2022 when a Brinks truck was transporting goods from one show in California to another.

Marie-Thérèse Pink diamond and Blue Belle sapphire necklace
AuctionsJun 18, 2025
Historic ‘Marie-Thérèse Pink’ Diamond Fetches $14M at Christie’s

The 10-carat fancy purple-pink diamond with potential links to Marie Antoinette headlined the white-glove jewelry auction this week. 

Caryl Capeci Starboard Cruises
EditorsJun 18, 2025
Q&A: Caryl Capeci Dives Into Cruise Jewelry Shopping

The Starboard Cruises SVP discusses who is shopping for jewelry on ships, how much they’re spending, and why brands should get on board.

Gresham grasshopper ring
AuctionsJun 18, 2025
16th-Century ‘Gresham Grasshopper’ Ring Sells for $56K

The historic signet ring exceeded its estimate at Noonans Mayfair’s jewelry auction this week.

Kirk Kara fine jewelry
CollectionsJun 18, 2025
Kirk Kara Celebrates 135 Years With New Jewels

To mark the milestone, the brand is introducing new non-bridal fine jewelry designs for the first time in two decades.

Gemfields 36 Carat Ruby
SourcingJun 18, 2025
Gemfields Sells 36-Carat Rough Ruby

The gemstone is the third most valuable ruby to come out of the Montepuez mine, Gemfields said.

Alex Brown
TechnologyJun 18, 2025
Alex Brown Named President of Smithee Group

Founder and longtime CEO Ben Smithee will stay with the agency, transitioning into the role of founding partner and strategic advisor.

Jade Ruzzo Gloria Collar
EditorsJun 17, 2025
The Best New Jewelry from Couture 2025, Part 1

Associate Editor Natalie Francisco shares 20 of her favorite pieces from the jewelry collections that debuted at Couture.

Jewelry industry author, speaker, and sales expert Peter Smith
ColumnistsJun 17, 2025
Peter Smith: Is Your Comp Plan a Hiring Hindrance?

If you want to attract good salespeople and generate a stream of “sleeping money” for your jewelry store, then you are going to have to pay.

Selection of jewelry from Sotheby’s New York High Jewelry sale
AuctionsJun 17, 2025
Colored Gemstones, Signed Jewels Shine in Sotheby’s High Jewelry Sale

The top lot was a colorless Graff diamond, followed by a Burmese ruby necklace by Marcus & Co.

Amanda Gizzi, Jewelers of America’s SVP of corporate affairs
MajorsJun 17, 2025
Amanda Gizzi Gets a Promotion at JA

Gizzi, who has been in the industry since 2001, is now Jewelers of America’s senior vice president of corporate affairs.

Kering CEO Luca de Meo
MajorsJun 17, 2025
Kering Names Automotive Exec as Its New CEO

Luca de Meo, a 30-year veteran of the auto industry, will succeed longtime CEO François-Henri Pinault.

Botswana Minster of Minerals and Energy Bogolo Joy Kenewendo
EditorsJun 16, 2025
Q&A: Bogolo Joy Kenewendo on Mining, Tariffs, and the Energy of Las Vegas

Following visits to Vegas and New York, Botswana’s minerals minister sat down with Michelle Graff to discuss the state of the diamond market.

Greenwich Street Jewelers Your Love Has the Perfect Ring Campaign
IndependentsJun 16, 2025
Greenwich St. Jewelers Launches Commitment Campaign Celebrating LGBTQ+ Couples

The “Your Love Has the Perfect Ring” campaign showcases the strength of love and need for inclusivity and representation, the jeweler said.

Ivette Nersesyan-Stephanopoulos
MajorsJun 16, 2025
Ivette Nersesyan-Stephanopoulos Joins Tiffany & Co.

The former De Beers executive is the jewelry house’s new director of high jewelry for the Americas.

New York Liberty Nyara Sabally Catbird campaign
MajorsJun 16, 2025
Catbird Names WNBA Star Nyara Sabally as Its New Brand Ambassador

The New York Liberty forward is the first athlete to represent the Brooklyn-based jewelry brand.

×

This site uses cookies to give you the best online experience. By continuing to use & browse this site, we assume you agree to our Privacy Policy