Events & Awards

Live from Conclave: Understanding Cybersecurity Risks

Events & AwardsApr 25, 2018

Live from Conclave: Understanding Cybersecurity Risks

Do your employees understand when an email should raise alarm bells? And are you patching your software when prompted?

Nashville, Tenn.—The hacks that make headlines are the ones that involve big companies and thousands, if not millions or billions, of files of customer data—Equifax, Yahoo and, most recently, Saks Fifth Avenue and Lord & Taylor. 

But that doesn’t mean a small business, like a family-owned jewelry store, can’t be hacked. 

“Every organization is a target,” Mary Myers, an information security analyst with Jewelers Mutual Insurance Group, said. “There are just different rationales for why.” 

Myers presented a breakout session Monday morning at Conclave outlining the cybersecurity risks businesses face and detailing what jewelers should do if they are hacked.

She started with social engineering and phishing. 

Social engineering is the act of manipulating employees into doing something they otherwise would not do. Phishing is social engineering via email and can involve attachments, directing the recipient to fake websites, or fake emails.

Myers said phishing emails are often unexpected and written in a way that makes them seem urgent (your immediate reply is requested, etc.).

While they can contain misspellings and grammatical errors, she noted that hackers are getting smarter and cleaning up their emails so there are fewer of these. Phishing messages also can come from email addresses that are nearly identical to (or exactly the same as, which is called spoofing) those of people with whom the business owner and/or employees communicate regularly. 

The emails try to bait the the receiver into replying and engaging in a conversation, opening an attachment or clicking a link for the purposes of installing malware on the business’ computer systems.

The malware widely in use by hackers right now is called ransomware, Myers said. Hackers lock victims’ computers with encryption and demand they pay a ransom, via Bitcoin, to get their data back. 

Her initial recommendation is, of course, not to click on links or open the attachments in emails that seem suspicious. Delete the email, call the sender and ask if they sent that specific email with an attachment or consult IT support.

But that doesn’t always happen.

When a business owner or employee falls for a phish, Myers said options are somewhat limited. 

She said what business owners should not do is pay, as there is no guarantee they will get their data back. 
They should stop their system backup, wipe infected systems and devices, and restore using what was backed up before the malware was installed. (Systems need to be backed up regularly. Myers recommends having a set, repeating cycle; for example, it backs up every day at midnight.)

Jewelers also face cybersecurity risks from both employees and vendors/contractors who could accidentally load a virus onto a system by clicking a phishing link or visiting a disreputable site, or who could violate a business intentionally, by purposely loading or sending a virus or sharing sensitive customer information. Myers said business owners need to provide guidance to employees, vendors and contractors and to clearly define: what does acceptable internet use at the company look like?

While not heavily attended, the Conclave session did generate multiple questions from attendees.

One jeweler asked if should she turn off her servers at night to help protect against attacks. You can, Myers answered, but it won’t necessarily prevent anything, as some of this software is malware designed to enter the system and lie dormant until it can be activated.

Another asked if paid-for anti-virus software is better than free. Myers said anything that will help a business quarantine and clean up a virus is “great.” What will work best a particular business really depends on its size, needs and risk factors.

Myers wrapped up with a list of a half-dozen additional tips for increasing cybersecurity.
1. Keep an inventory of key systems and applications.

2. Keep an inventory of risks and threats, and use multiple layers of security.

3. Keep systems and devices patched.

All software has “gaps” that make it vulnerable to hackers, Myers said. “Patches” are released regularly by software companies and are intended to seal those gaps. Microsoft releases patches for its software on a monthly basis, but probably the most well-known example of a patch are the “updates” Apple regularly sends for iPhones and iPads.
 
“If you don’t close it,” Myers said of the gap, “you’re exposed. Patching is super, super critical.”

4. Back up systems and, Myers added, test the back-up.

Having a virus-infected system is going to create an “emotionally charged” situation. She said business owners don’t want that to be the first time they’ve ever walked through the process of employing their back-up.

5. Establish separation in key systems.

Business owners who host their own websites should separate it internally and not have it on the same server as the rest of their data. They also need to rotate job duties. They can’t “give the keys to the kingdom” to one person; hackers would have to have access to several people if there's separation.

Also, when someone leaves the company, take away their access to the company’s systems.

6. Train employees on cyber risks at least annually, if not quarterly.

In response to one jeweler’s question, Myers said business owners can require employees who connect personal devices to the store’s Wi-Fi to update those devices when prompted. She recommended writing it into the store’s policy.

The JSA also recently released a list of cybersecurity recommends, which was included in National Jeweler’s article about Saks getting hacked.

Michelle Graffis the editor-in-chief at National Jeweler, directing the publication’s coverage both online and in print.

The Latest

Stock image of a gavel and law books
CrimeOct 07, 2025
Men Who Posed as Utility Workers Found Guilty in Jeweler’s Murder

Carlos Jose Hernandez and Joshua Zuazo face life in prison for the October 2024 murder of 72-year-old Detroit-area jeweler Hussein Murray.

Zoë Kravitz Wearing Jessica McCormack Tempest Sapphire Pendant and Tempest Diamond Necklace
CollectionsOct 07, 2025
Jessica McCormack Looks to Sea Spirits for ‘Tempest’ Collection

The brand’s first high jewelry collection, “Tempest” plays with movement while calling to mind the folklore of the sea.

Lightning Ridge Rural Fire Brigade
SourcingOct 07, 2025
Columbia Gem House Announces ‘Opals for Outback Heroes’ Fundraiser

Proceeds from its jewelry raffle will go to a volunteer-run fire and rescue group in the Lightning Ridge area of New South Wales, Australia.

ja_fall_2024_by_headshot_stories_6824.jpg
Brought to you by
JA New York Fall Is Right Around the Corner

The upcoming show provides savvy retailers with the opportunity to stock their cases with best sellers in advance of the holiday season.

Stuller 2025 S.E.R.V.E. Star Awards winners
MajorsOct 07, 2025
Stuller Names Its S.E.R.V.E Stars for 2025

Stuller said the recipients embody the company’s core values, which include community participation and personal and professional growth.

Weekly QuizOct 02, 2025
This Week’s Quiz
Test your jewelry news knowledge by answering these questions.
Take the Quiz
All four models of Citizen’s new Rainell watch
WatchesOct 06, 2025
This Fall, Citizen’s Forecast Calls for Rain

Citizen’s new “Rainell” women’s watch has a raindrop-shaped case and is available with a silver-, gold-, purple-, or green-colored dial.

Mercedes Gleitze Rolex Oyster 1926
AuctionsOct 06, 2025
The ‘Rolex That Made Rolex’ Heads to Auction at Sotheby’s

The “Mercedes Gleitze Rolex Oyster,” named for the British endurance swimmer who made it famous, will go up for sale next month.

gia-edu main image.png
Brought to you by
A Brilliant Future Is Here

Online education from GIA experts.

Amit Pratihari GIA India
GradingOct 06, 2025
GIA India Names Former De Beers Exec as New Managing Director

Amit Pratihari was previously the managing director of De Beers India and Forevermark India.

DCWC 2025 Board of Directors
SourcingOct 06, 2025
SoCal 24 Karat Club Integrates Into Diamond Club West Coast

Members of the Jewelers 24 Karat Club of Southern California will gain access to expanded services, resources, and connections, DCWC said.

Selena Gomez and Benny Blanco Wedding, Jacob & Co. Watch
TrendsOct 03, 2025
Selena Gomez, Benny Blanco Tie the Knot Wearing Diamonds, White Metals

Gomez’s jewelry included Tiffany & Co. drop-style earrings while Blanco stacked diamonds from Jacob & Co. on his wrist.

HRD Antwerp CEO Paul De Wachter
GradingOct 03, 2025
Grading Lab HRD Antwerp Names New CEO

Diamond industry banking veteran Paul De Wachter will take on the role in January 2026.

Taylor Swift Kallati sapphire ring
TrendsOct 03, 2025
Piece of the Week: Kallati’s Pink Sapphire Ring

Taylor Swift flaunts an Elizabeth Taylor-esque gemstone in promo for her new album, “The Life of a Showgirl.”

Boucheron Quatre Sand Collection
CollectionsOct 02, 2025
Boucheron Debuts Cuffs Crafted With 3D-Printed Sand

Its “Quantre Sand” capsule was made using a 3D sand printing technique borrowed from the automotive and aeronautics industries.

Stock image of crime scene tape
CrimeOct 02, 2025
$1M in Jewelry Stolen in Northern California Smash and Grab

Four individuals have been charged in the “takeover-style” robbery of Heller Jewelers last month, and additional charges are expected.

Neil Lane and Boucheron bow tie brooch
MajorsOct 02, 2025
Neil Lane Jewelry Exhibition Coming to Toledo Museum of Art

“Radiance and Reverie” will showcase more than 150 jewels from Lane’s personal collection by Tiffany & Co., Cartier, and more.

Just Jules opal necklace
TrendsOct 02, 2025
Amanda’s Style File: October’s Colorful Show

The month’s birthstones, tourmaline and opal, complement the palette of autumn.

Peter Smith National Jeweler columnist
ColumnistsOct 01, 2025
Peter Smith: Why Vendor Success Starts With Self-Reflection

Smith shares the importance of looking at your company with openness and honesty to identify opportunities you may be missing.

Plah Black Swan Earrings
EditorsOct 01, 2025
Playing Favorites: The Best Jewelry From Vicenzaoro

Associate Editor Natalie Francisco visited Italy to spot jewelry trends at the September Vicenzaoro show and share her top finds.

People shopping in a mall
SurveysOct 01, 2025
Consumer Confidence Hits 5-Month Low in September

Respondents were concerned about job availability and rising prices.

Gemfields rough emeralds
SourcingOct 01, 2025
Gemfields’ H1 Revenue Falls 47%

Its latest interim financials revealed a challenging first half due in part to production troubles at its mines.

Pandora executives Alexander Lacik and Berta de Pablos-Barbier
MajorsSep 30, 2025
Pandora CEO to Retire in 2026, Hand Reins to CMO

Alexander Lacik has led Pandora since 2019. Berta de Pablos-Barbier will succeed him, the first woman to head the company.

Gavel near stacks of books
CrimeSep 30, 2025
2 Suspects Charged in $300K Sleight-of-Hand Jewelry Store Scam

Two men allegedly used counterfeit bills to purchase luxury watches and jewelry from a North Carolina jeweler.

Billie Eilish and Finneas O’Connell John Hardy Lovestruck Collection
CollectionsSep 30, 2025
Billie Eilish, Finneas Partner with John Hardy

The “Lovestruck” collection, designed with the Academy and Grammy award-winning siblings, is the brand’s first lab-grown diamond offering.

Spinelli Kilcollin Market Highland Park
IndependentsSep 30, 2025
Spinelli Kilcollin Announces Residency in Dallas

The brand, celebrating its 15th anniversary, has popped up at Market, a luxury fashion destination in Highland Park Village.

Nina Pugliese Henne Jewelers
IndependentsSep 29, 2025
Nina Pugliese, Longtime Henne Jewelers Employee, Dies at 65

She was remembered as a creative and generous woman of faith, who also had a sweet tooth.

Kwait White and Yellow Gold Diamond Earrings
TrendsSep 29, 2025
Amanda’s Style File: Ear Focus

Move over neck mess, the ear story is the way to make a layering statement today.

×

This site uses cookies to give you the best online experience. By continuing to use & browse this site, we assume you agree to our Privacy Policy