The Barking Coyote Benefits from a Threat Sketch Risk Assessment

Business Profile: The Barking Coyote, located in Elkin, NC, is a small, for-profit business providing farm-fresh food products, baked goods and ready-to-eat dinners to its clientele. The store was opened in July 2016 by Rich Wooldredge and his wife, Jody Hartle. It is an extension of their family farm, where they produce blueberries, strawberries, rhubarb, asparagus, and a variety of other vegetables, along with honeybees and free range chickens.

Background

Shortly after opening The Barking Coyote, Rich completed a cybersecurity Risk Assessment with Threat Sketch. “Since we’re serving customers on a daily basis, providing debit and credit card use through Square, I thought it would be good to be informed of my cybersecurity risks and find out how well prepared I am,” Rich says.

The Barking Coyote uses the free wifi service provided by the Town of Elkin to access the internet. Through that access the store is able to utilize the online payment processor Square. Rich does not keep any records of customer’s debit or credit card numbers at his store or on a server. Rather, they are transferred live to Square’s server, where the information is processed. There are no computers or servers at The Barking Coyote, only a tablet and use of wifi.

The Analysis

After completing the online survey, Threat Sketch provided Rich and Jody with a thorough assessment of their cyber security risks. The highest priority risk for The Barking Coyote was cyber espionage. The company is vulnerable to a cyber espionage attack and facing a breach could be the most costly to their reputation as well as their bank account.

“It seems like a cost-effective move to use the town’s free wifi, but in reality this is creating a major cybersecurity issue for The Barking Coyote,” says Rob Arnold, CEO, Threat Sketch. “Someone could easily sit outside the establishment and ‘listen’ to everything they do. That includes everything from to spying on their web-browsing activity to skimming credit card numbers as they’re being sent to Square.”

Other threats found through the risk assessment included a vulnerability to point-of-sale hacking and malware or crimeware attacks. On a lower priority, but still a risk, were website attacks, denial of service, and card skimming.

Lessons Learned

“I’m glad we were able to complete a risk assessment with Threat Sketch,” Rich says. “My consciousness was raised when it comes to cybersecurity issues, and now I really have a better awareness of the issues I should be paying attention to.”

Thanks to the results of the risk assessment, Rich is looking into installing a dedicated internet connection in his store in order to have a way to transmit data through a secure route. He has also talked with the support team at Square to verify their cybersecurity protocols and make sure his customers’ information is protected once it leaves his store. “Before this assessment, I had no idea there were security issues with using the town’s free wifi,” Rich says. “Now I’ve been able to ask the questions I should have been asking from the beginning, to fully protect my customers and our reputation.”