INDUSTRY UNLOCKED
REPUTATION IS CURRENCY IN THE HOSPITALITY SECTOR , AND IT REQUIRES A HUGE LEVEL OF TRUST FROM THE CUSTOMER TO WILLINGLY HAND OVER SENSITIVE DATA .
is being inputted into : it all comes down to blind faith . If a hotel does suffer a hack , that could leave guests exposed to potential breaches and a reluctance to use it in the future or recommend it to others . One of the most extreme instances of breaches within the hospitality sector occurred when the Information Commissioner ’ s Office fined Marriott Hotels £ 18.4 million for a breach that affected up to 339 million guests and had gone undetected between 2014 – 2018 .
Business owners are confronting a multitude of threats , including phishing attacks , where employees unknowingly click on malicious links from a cybercriminal pretending to be a customer or a vendor . Point-of-sale attacks exploit vulnerabilities in hotel transaction systems , exposing guests ’ financial data . Wi-Fi infiltration , popularised by the Dark Hotel Group , involves the targeting of high profile individuals through hotel networks . Denial-of-Service ( DDoS ) attacks , increasingly common , disrupt hotel operations , while a ransomware attack involves the stealing of customer data using malware , followed by threats to release the data on the dark web if pay demands are not met . informative material regularly updated and accompanied alongside simulated phishing exercises to reinforce what staff have learned by putting it into practice . 3 . Secure payment systems : Your customers will expect payments to be protected . Implement secure payment processing systems , regularly update software and adhere to Payment Card Industry Data Security Standard ( PCI DSS ) guidelines . To ensure you are PCI compliant , regularly monitor and test your networks , perform risk assessments and create an internal information security policy , with strong access control measures . 4 . Data encryption : Encrypt sensitive customer data to protect it from unauthorised access , both in transit and at rest . Effective encryption strategies cater to the entire data lifecycle , from creation to storage to eventual deletion . This involves encrypting data before it is stored , decrypting it only when necessary for authorised purposes and finally disposing of encryption keys and encrypted data when it is no longer required .
To safeguard against cyberthreats , industry leaders and hotel management are urged to implement the following measures :
1 . Regular security audits : You cannot rely on annual checks on your security posture . Conduct routine cybersecurity audits to identify vulnerabilities in real-time and assess the effectiveness of existing measures . Cyberthreats are constantly evolving , so a proactive approach can uncover a weakness before it is exploited by malicious actors . The frequency of your audits will depend on the size of your organisation but ideally you should have a third party perform an audit once a month or quarterly . By regularly reviewing and updating security policies you will develop a system based on continuous improvement . 2 . Employee training : Your staff should not be your only line of defence , but they are an important barrier to entry . Technological solutions , such as firewalls , are important , but they are not foolproof . Educate staff about cybersecurity best practices , including recognising phishing attempts and understanding the importance of strong password management . Training should be an evolving process with
42 www . intelligentcxo . com