IndependentsFeb 19, 2026
Bailey’s Fine Jewelry Co-Founder ‘Mama Ann’ Bailey Dies at 100Raised in an orphanage, Bailey was 18 when she met her husband, Clyde. They opened their North Carolina jewelry store in 1948.
Events & AwardsApr 25, 2018
Live from Conclave: Understanding Cybersecurity Risks
Do your employees understand when an email should raise alarm bells? And are you patching your software when prompted?
Nashville, Tenn.—The hacks that make headlines are the ones that involve big companies and thousands, if not millions or billions, of files of customer data—Equifax, Yahoo and, most recently, Saks Fifth Avenue and Lord & Taylor.
But that doesn’t mean a small business, like a family-owned jewelry store, can’t be hacked.
“Every organization is a target,” Mary Myers, an information security analyst with Jewelers Mutual Insurance Group, said. “There are just different rationales for why.”
Myers presented a breakout session Monday morning at Conclave outlining the cybersecurity risks businesses face and detailing what jewelers should do if they are hacked.
She started with social engineering and phishing.
Social engineering is the act of manipulating employees into doing something they otherwise would not do. Phishing is social engineering via email and can involve attachments, directing the recipient to fake websites, or fake emails.
Myers said phishing emails are often unexpected and written in a way that makes them seem urgent (your immediate reply is requested, etc.).
While they can contain misspellings and grammatical errors, she noted that hackers are getting smarter and cleaning up their emails so there are fewer of these. Phishing messages also can come from email addresses that are nearly identical to (or exactly the same as, which is called spoofing) those of people with whom the business owner and/or employees communicate regularly.
The emails try to bait the the receiver into replying and engaging in a conversation, opening an attachment or clicking a link for the purposes of installing malware on the business’ computer systems.
The malware widely in use by hackers right now is called ransomware, Myers said. Hackers lock victims’ computers with encryption and demand they pay a ransom, via Bitcoin, to get their data back.
But that doesn’t mean a small business, like a family-owned jewelry store, can’t be hacked.
“Every organization is a target,” Mary Myers, an information security analyst with Jewelers Mutual Insurance Group, said. “There are just different rationales for why.”
Myers presented a breakout session Monday morning at Conclave outlining the cybersecurity risks businesses face and detailing what jewelers should do if they are hacked.
She started with social engineering and phishing.
Social engineering is the act of manipulating employees into doing something they otherwise would not do. Phishing is social engineering via email and can involve attachments, directing the recipient to fake websites, or fake emails.
Myers said phishing emails are often unexpected and written in a way that makes them seem urgent (your immediate reply is requested, etc.).
While they can contain misspellings and grammatical errors, she noted that hackers are getting smarter and cleaning up their emails so there are fewer of these. Phishing messages also can come from email addresses that are nearly identical to (or exactly the same as, which is called spoofing) those of people with whom the business owner and/or employees communicate regularly.
The emails try to bait the the receiver into replying and engaging in a conversation, opening an attachment or clicking a link for the purposes of installing malware on the business’ computer systems.
The malware widely in use by hackers right now is called ransomware, Myers said. Hackers lock victims’ computers with encryption and demand they pay a ransom, via Bitcoin, to get their data back.
Her initial recommendation is, of course, not to click on links or open the attachments in emails that seem suspicious. Delete the email, call the sender and ask if they sent that specific email with an attachment or consult IT support.
But that doesn’t always happen.
When a business owner or employee falls for a phish, Myers said options are somewhat limited.
She said what business owners should not do is pay, as there is no guarantee they will get their data back.
They should stop their system backup, wipe infected systems and devices, and restore using what was backed up before the malware was installed. (Systems need to be backed up regularly. Myers recommends having a set, repeating cycle; for example, it backs up every day at midnight.)
Jewelers also face cybersecurity risks from both employees and vendors/contractors who could accidentally load a virus onto a system by clicking a phishing link or visiting a disreputable site, or who could violate a business intentionally, by purposely loading or sending a virus or sharing sensitive customer information. Myers said business owners need to provide guidance to employees, vendors and contractors and to clearly define: what does acceptable internet use at the company look like?
While not heavily attended, the Conclave session did generate multiple questions from attendees.
One jeweler asked if should she turn off her servers at night to help protect against attacks. You can, Myers answered, but it won’t necessarily prevent anything, as some of this software is malware designed to enter the system and lie dormant until it can be activated.
Another asked if paid-for anti-virus software is better than free. Myers said anything that will help a business quarantine and clean up a virus is “great.” What will work best a particular business really depends on its size, needs and risk factors.
Myers wrapped up with a list of a half-dozen additional tips for increasing cybersecurity.
1. Keep an inventory of key systems and applications.
2. Keep an inventory of risks and threats, and use multiple layers of security.
3. Keep systems and devices patched.
All software has “gaps” that make it vulnerable to hackers, Myers said. “Patches” are released regularly by software companies and are intended to seal those gaps. Microsoft releases patches for its software on a monthly basis, but probably the most well-known example of a patch are the “updates” Apple regularly sends for iPhones and iPads.
“If you don’t close it,” Myers said of the gap, “you’re exposed. Patching is super, super critical.”
4. Back up systems and, Myers added, test the back-up.
Having a virus-infected system is going to create an “emotionally charged” situation. She said business owners don’t want that to be the first time they’ve ever walked through the process of employing their back-up.
5. Establish separation in key systems.
Business owners who host their own websites should separate it internally and not have it on the same server as the rest of their data. They also need to rotate job duties. They can’t “give the keys to the kingdom” to one person; hackers would have to have access to several people if there's separation.
Also, when someone leaves the company, take away their access to the company’s systems.
6. Train employees on cyber risks at least annually, if not quarterly.
In response to one jeweler’s question, Myers said business owners can require employees who connect personal devices to the store’s Wi-Fi to update those devices when prompted. She recommended writing it into the store’s policy.
The JSA also recently released a list of cybersecurity recommends, which was included in National Jeweler’s article about Saks getting hacked.
Jewelers also face cybersecurity risks from both employees and vendors/contractors who could accidentally load a virus onto a system by clicking a phishing link or visiting a disreputable site, or who could violate a business intentionally, by purposely loading or sending a virus or sharing sensitive customer information. Myers said business owners need to provide guidance to employees, vendors and contractors and to clearly define: what does acceptable internet use at the company look like?
While not heavily attended, the Conclave session did generate multiple questions from attendees.
One jeweler asked if should she turn off her servers at night to help protect against attacks. You can, Myers answered, but it won’t necessarily prevent anything, as some of this software is malware designed to enter the system and lie dormant until it can be activated.
Another asked if paid-for anti-virus software is better than free. Myers said anything that will help a business quarantine and clean up a virus is “great.” What will work best a particular business really depends on its size, needs and risk factors.
Myers wrapped up with a list of a half-dozen additional tips for increasing cybersecurity.
1. Keep an inventory of key systems and applications.
2. Keep an inventory of risks and threats, and use multiple layers of security.
3. Keep systems and devices patched.
All software has “gaps” that make it vulnerable to hackers, Myers said. “Patches” are released regularly by software companies and are intended to seal those gaps. Microsoft releases patches for its software on a monthly basis, but probably the most well-known example of a patch are the “updates” Apple regularly sends for iPhones and iPads.
“If you don’t close it,” Myers said of the gap, “you’re exposed. Patching is super, super critical.”
4. Back up systems and, Myers added, test the back-up.
Having a virus-infected system is going to create an “emotionally charged” situation. She said business owners don’t want that to be the first time they’ve ever walked through the process of employing their back-up.
5. Establish separation in key systems.
Business owners who host their own websites should separate it internally and not have it on the same server as the rest of their data. They also need to rotate job duties. They can’t “give the keys to the kingdom” to one person; hackers would have to have access to several people if there's separation.
Also, when someone leaves the company, take away their access to the company’s systems.
6. Train employees on cyber risks at least annually, if not quarterly.
In response to one jeweler’s question, Myers said business owners can require employees who connect personal devices to the store’s Wi-Fi to update those devices when prompted. She recommended writing it into the store’s policy.
The JSA also recently released a list of cybersecurity recommends, which was included in National Jeweler’s article about Saks getting hacked.
More on Events & Awards
The Latest
ColumnistsFeb 19, 2026
Peter Smith: Happiness, Cavemen, and Jewelry SalesSmith encourages salespeople to ask customers questions that elicit the release of oxytocin, the brain’s “feel-good” chemical.
IndependentsFeb 19, 2026
Material Good Opens Third Location Material Good is celebrating its 10th anniversary as it opens its new store in the Back Bay neighborhood of Boston.
Brought to you by
The MJSA Mentor & Apprenticeship Program: Attracting & Training the Next Generation of Bench JewelersLaunched in 2023, the program will help the passing of knowledge between generations and alleviate the shortage of bench jewelers.
AuctionsFeb 18, 2026
Joanna Carson’s Jewels Head to AuctionThe estate of the model, philanthropist, and ex-wife of Johnny Carson has signed statement jewels up for sale at John Moran Auctioneers.
Weekly QuizFeb 12, 2026
This Week’s QuizTest your jewelry news knowledge by answering these questions.
PodcastsFeb 18, 2026
Episode 2: Jewelry Trends & Does the Red Carpet Matter?Are arm bands poised to make a comeback? Has red-carpet jewelry become boring? Find out on the second episode of the “My Next Question” podcast.
MajorsFeb 18, 2026
Select Jewelry Inks Agreement to Distribute Lightweight Gold JewelryIt will lead distribution in North America for Graziella Braccialini's new gold pieces, which it said are 50 percent lighter.
Brought to you by
How Jewelers Can Fight Back Against Cell JammersCriminals are using cell jammers to disable alarms, but new technology like JamAlert™ can stop them.
Policies & IssuesFeb 18, 2026
Community for Ethical Jewelry Looks for Executive DirectorThe organization is seeking a new executive director to lead it into its next phase of strategic growth and industry influence.
TrendsFeb 17, 2026
A Bit of Jewelry for the Year of the HorseWestern wear continues to trend in the Year of the Fire Horse and along with it, horse and horseshoe motifs in jewelry.
SourcingFeb 17, 2026
Colored Gemstone Experts Talk Tariffs, Trends in TucsonAlthough the market is robust, tariffs and precious metal prices are impacting the industry, Stuart Robertson and Brecken Branstrator said.
GradingFeb 17, 2026
Dr. George Rossman, Former GIA Governor, Dies at 81Rossman, who advised GIA for more than 50 years, is remembered for his passion and dedication to the field of gemology.
CrimeFeb 13, 2026
JSA Offering $10K Reward in Nancy Guthrie Case Guthrie, the mother of “Today” show host Savannah Guthrie, was abducted just as the Tucson gem shows were starting.
IndependentsFeb 13, 2026
97-Year-Old New Mexico Jewelry Store To CloseButterfield Jewelers in Albuquerque, New Mexico, is preparing to close as members of the Butterfield family head into retirement.
CollectionsFeb 13, 2026
A ‘Rosebud’ Necklace for Valentine’s DayPaul Morelli’s “Rosebud” necklace, our Piece of the Week, uses 18-karat rose, green, and white gold to turn the symbol of love into jewelry.
MajorsFeb 13, 2026
JFC Announces New BeneficiariesThe nonprofit has welcomed four new grantees for 2026.
MajorsFeb 12, 2026
These 8 Saks Fifth Avenue Stores Are ClosingParent company Saks Global is also closing nearly all Saks Off 5th locations, a Neiman Marcus store, and 14 personal styling suites.
CollectionsFeb 12, 2026
British Museum Raises $5M to Keep Jewel Linked to Henry VIII, Katherine of AragonIt is believed the 24-karat heart-shaped enameled pendant was made for an event marking the betrothal of Princess Mary in 1518.
SourcingFeb 12, 2026
‘Cotton Candy’ Necklace, 35-Carat Kunzite Win 2025 ‘Buyer’s Choice’ AwardsThe AGTA Spectrum and Cutting Edge “Buyer’s Choice” award winners were announced at the Spectrum Awards Gala last week.
Events & AwardsFeb 12, 2026
Kering Opens Entries for 2026 Sustainability-Focused AwardThe “Kering Generation Award x Jewelry” returns for its second year with “Second Chance, First Choice” as its theme.
TrendsFeb 11, 2026
Halle Berry’s Retro Engagement Ring Is a Sapphire-Set StunnerSourced by For Future Reference Vintage, the yellow gold ring has a round center stone surrounded by step-cut sapphires.
MajorsFeb 11, 2026
Francesca’s Files for Chapter 11 Bankruptcy AgainThe clothing and accessories chain announced last month it would be closing all of its stores.
CollectionsFeb 11, 2026
Zales Turns Sweethearts Into Jewelry for Valentine’s Day CollectionThe “Zales x Sweethearts” collection features three mystery heart charms engraved with classic sayings seen on the Valentine’s Day candies.
TechnologyFeb 11, 2026
Gemvision Symposium 2026 Slated for AprilThe event will include panel discussions, hands-on demonstrations of new digital manufacturing tools, and a jewelry design contest.
Events & AwardsFeb 11, 2026
TJS Announces Roundtable, Launches New AppRegistration is now open for The Jewelry Symposium, set to take place in Detroit from May 16-19.
SourcingFeb 10, 2026
At Meeting in South Africa, Support for Natural Diamonds Picks Up Steam Namibia has formally signed the Luanda Accord, while two key industry organizations pledged to join the Natural Diamond Council.
TrendsFeb 10, 2026
Bad Bunny Wears Football-Shaped ‘Desert Diamond’ for Halftime PerformanceLady Gaga, Cardi B, and Karol G also went with diamond jewelry for Bad Bunny’s Super Bowl halftime show honoring Puerto Rico.
