There are risks and cybersecurity controls that are applicable to all businesses, no matter what industry they are in or what sector of customer they service. Still, as a business in the hotels and hospitality industry, there are some specific risks that only you have to face.
We have worked with a Senior Leader working in the Hotel sector to produce an guide that highlights the cybersecurity basics that all businesses can’t ignore and should follow. The guide will view them in light of the unique business processes hotels and hospitality companies have to service our guests. We’ll aim to give you practical advice you can use today, things to plan for and where you can get more help from.
So, let's thinks about the customer journey as they plan a trip. Research will inevitably be carried out online, which may lead to your property listing on an online travel agency website or directly to your own website.
Of course, the security of a third party website is the responsibility of the third party themselves (we’ll talk more about what happens if a third party system has a breach, later), but what about the security of your website? Has your provider or web designer scanned and tested it against the common security vulnerabilities that exist through misconfiguration, inadvertently programmed with vulnerabilities or by using a component that has a vulnerability?
A website with vulnerabilities could expose your guest’s sensitive data, such as credit card information, to theft or public exposure.
A loss of customer data in this way could lead to regulatory fines from the Payment Card Industry (PCI), and with the advent of GDPR, you could be fined up to £17m or 4% of your gross annual revenue, whichever is greater. Although the UK is no longer part of the EU, the UK's 2018 Data Protection Act enacted the EU's GDPR requirements into UK law from Jan 1 2021.
In 2020 the UK Information Commissioner’s Office (ICO) levied fines of £39.7 million against UK businesses for data breaches.
This guide will walk you through 8 types of cyber attacks that hotels and hospitality businesses are particularly vulnerable to. This is not to say it won’t happen to other businesses, but due to the nature of the data collected, the information that is shared, the way payments are processed, the risk of these types of cyber attacks happening is high.
Should you need some help if a data breach occurred or you are looking for some ongoing protection then there’s information to cover this to.
So, what’s stopping you? Download the full guide below.