Looking ahead to 2020, hospitality industries plan to put more resources into security. There are several reasons why hospitality organizations have a harder time securing their assets than similarly sized businesses in different industries.
1. They have large networks.
A hospitality firm has a number of endpoints, plenty of them located in publicly accessible areas. They also use a variety of automated systems for functions like venting and heating, which are just another entry point for attackers. Most hospitality businesses have large guest databases which by requirement are regularly accessed directly by a booking system. Any compromise into the reservation system will place the database in danger, which is what occurred with the Marriott breach.
2. Huckers also as clients might be on-site too.
Both airlines and hotels have clients onsite constantly, providing the chance to receive direct access to entry points to attackers. Many offer free WiFi services, together with WiFi for a company and employee usage. Obviously, there is nothing”wrong” for this, however, it needs additional layers of safety to make sure no unauthorized access is permitted to sensitive areas of a network.
3. Staff churn.
When you have high personnel numbers and high churn, it becomes challenging to guarantee that staff members are accurately trained to handle cyber threats. Worse, it is common practice in the hospitality sector to utilize group email accounts (e.g., Reception, Client Services, etc.) which are shared with a constantly changing group of staff members. This makes it impossible for proper password change procedures. There is no wonder that credentials for these accounts are often leaked via the dark web.
Franchising is normal in the hospitality sector — especially for resorts — and franchise owners take some responsibility for safety. Most franchise owners do not always take the appropriate precautions to protect sensitive assets and have very little comprehension of cyber danger.
5. Third-party risk.
Hospitality companies have big ecosystems, including a variety of technology suppliers and partners. Possession or the transfer of digital assets or information may open up hospitality businesses up to a huge amount of risk. It can be quite tricky to discover the risk profile of a third party – especially since every company’s profile will change over time and lots of businesses in the hospitality sector just don’t have a proper way to measure how much risk they’re accepting when picking and building connections with third parties.
Check out cybersecurity for hospitality checklist to be sure that your guests are safe.