Growth via Restaurant Digitization, a Double-edged Sword


The $899 billion US restaurant industry is being transformed by changing demographics. Nearly 70% of all couples and 63% of couples with children now are dual career couples – meaning both partners work outside the home – and need healthy food options, boosting the fast-casual restaurant segment. Singles and dual career couples with kids at home, a large portion of the population that also includes increasing participants from Gen Y and Z, have unique needs. The restaurants failing to cater their needs have a hard time surviving for long. No wonder 60% of the restaurants fail within their first three years of operation!

A large portion of the population now looks to order-in frequently due to numerous professional demands that prevent them from preparing meals at home. They look for quick service, convenience and healthy menus, but all at lower prices. This segment not only frequently experiments but also seeks out variety in food options. For example, while cost-conscious when ordering-in, they use fine dining for special events, business meetings, or family treats. To stay relevant in such a dynamic and competitive environment, restaurant owners have to be clear about their target segments and frequently reinvent themselves.

Hence, many restaurant businesses are increasingly relying on digital technologies to address three key areas: (1) convenience and/or experience, (2) menu innovation, and (3) cost productivity. Mobile ordering and automated kiosks offer ease in ordering while delivering cost productivity. When labor accounts for almost 60% of cost, reducing the number of employees involved in taking orders can deliver considerable productivity gains to stay competitive. Further, automation and use of the Internet of Things (IoT) can not only deliver cost productivity but also ensure consistency in operation. Some of these digital tools also provide customer insights via data and analytics which ultimately expose trends and segment performance. The insights can be used to innovate the menu frequently. There has been a significant increase in features such as gift card programs, online/mobile ordering, email automation, and online reservations through various platforms such as Uber Eats, Grubhub, OpenTable, and Groupon. According to an Accenture study, these practices have proven to provide up to a 13% lift in revenue and 24% lift in enterprise value.

While digital tools are becoming the life blood of restaurant businesses, they also leave restaurants susceptible to data breaches. A hacker usually has multiple entry points considering the various software applications and number of devices connected to a restaurant's network. On average, 30% of the connected devices are vulnerable in a restaurant setting. The industry has seen attacks on the likes of DoorDash, quick service restaurants (QSRs) such as McDonalds and Burger King, casual dining spots including Applebee’s and Cheddars, and many other small and large brands. Earl Enterprises, a parent company to multiple restaurants including Planet Hollywood and Buca di Beppo, suffered an attack where 2 million credit card numbers were stolen. Recently, many retail locations experienced ransomware attacks on their Windows 7 based POS systems, in which attackers demanded a $1.5 million ransom to release the encryption key. Clearly, each vulnerable network is a pot of gold for cybercriminals.

A cyber-attack costs on average $375,000 to a breached unit. On top of the financial hit, the restaurant’s brand image also suffers. A survey by Arcserve showed that, out of 2,000 individuals, 59% would avoid doing business with an organization suffering from a cyber-attack, and 45% said they have gone on to share their negative experience after an attack with others. Reviews are posted all over the likes of Google and Yelp, which can drastically damage the image of any operation.

While cybersecurity is a topic that many find intimidating, there are simple steps that restaurant owners can take to protect themselves and their customers:

  1. Insurance: Consider an appropriate level of cyber insurance. It is relatively inexpensive and provides a good return.

  2. Understand risk first: Don’t start by buying a technical solution or service. Often, they are bad investments because they are not addressing the biggest risks. Worse yet, it may create a false sense of security. While technical tools are important, more than 55% of cyber-breaches are human-enabled and 25% are insider led in retail settings. Hence, a holistic understanding of risk inclusive of people, process, policy, and technical considerations is essential. Typically, external IT providers lack sufficient understanding of an individual restaurant’s operation to offer robust and holistic solutions. Performing this holistic risk assessment once or twice a year ensures the focus is on the right solutions for the biggest risks.

  3. Manage risk proactively: Remediate/mitigate risks cost-effectively and proactively. Preventive measures offer better payoffs than detecting or responding to an attack. This may include basic cybersecurity awareness and training for the staff, process and policy updates, and good cyber-hygiene practices like strong passwords and multi-factor authentications. This is a point where a technology partner or IT provider can be brought in to offer an effective technology solution.

For most people, the biggest challenge is knowing how to approach this emerging cybersecurity threat. For an effective cybersecurity effort, restaurant owners and managers need enough knowledge to ensure the advice provided to them is sound, methods and tools offered by vendors are appropriate and a good ROI is achieved for their efforts.

ResiliEYE is an easy-to-use platform that restaurants can use to manage their cybersecurity related risks holistically with an ROI mindset. The platform helps uncover all cyber related risks and determine the best solutions to address them. To receive a free guide on how to cost effectively address cybersecurity, email us at info@ResiliAnt.co.