Have you ever thought what would be the consequences if financial and personal information of every hotel guest was obtained by some cybercriminal? More than 5 million guests of Marriott hotel know. You can find out why cybersecurity matters on the Hotel Management website.
However, Marriott is not the only company that suffered from a cyber attack and subsequent data leakage. Almost every hotel is vulnerable to ransomware, malware, hacking, spam and other threats. You can read about the types of possible cyber attacks on our website here.
Data leakage can result in some physical damages as well. The malicious computer worm called Stuxnet affected over 1000 of nuclear centrifuges in Iran by means of infecting over 200000 computers. Imagine the level of destruction if one of these centrifuges had exploded.
Why is it important to offer cybersecurity training to your employees?
The answer is simple enough, as your staff cannot identify the security threat, report, avoid or remove it if they are not aware of how to do that. A year ago a survey found that staff training and email security were considered the main problems IT security experts had to deal with. In one company about 30% of the staff were not sure what malware and email phishing were.
Even if the necessary precautions have been taken, such as firewalls and security software, it is not enough, as for phishers the entry point is usually staff, not the technology. It does not mean that staff conspires to bring the hotel to its ruin. However, as all humans, hotel workers make mistakes and can unintentionally trust fake identities and become victims of phishing and other cunning tactics used by criminals. The training is essential for staff to keep the hotel and themselves protected against cyber attacks. If your employees are aware of the risks that might await them, they can identify a threat and complete the necessary procedures in order to avoid the damage.
What is the way to educate your employees about cyber security?
According to the report of The World Economic Forum, data theft and cyber attacks are very likely to happen. Cybercriminals focus on manipulation of human behavior that makes them reach these record levels.The internet has opened a “can of worms” providing various services to hackers, who often make hotel staff their victims. The only possible way to resist this tendency is through educating the staff.
This process is not an event or even a solution to a problem – it is a procedure. We have prepared for you a checklist of fundamental areas that you should add to your staff training agenda.
1. Establish the cybersecurity needs for your hotel needs
Outlining your needs is the first step. A suitable training package should meet your industry and company needs. It is possible that you will need to set up a separate program for different departments. For example the staff that has access to computers should be trained on how to detect phishing. Most likely you will have to conduct simulated exercises for better results.
2. Include cybersecurity training during the hiring process
The training for the hotel staff cannot and should not wait. Data breach or other cyber attacks may occur at any given moment, and new employees are the most vulnerable to them. Providing training during onboarding will help you make sure that there are less weak spots. Staff members should understand that cybersecurity is a fundamental issue. Encourage them to use the given tips to protect not only company technology but also their personal devices.
3. Make employees’ cybersecurity education a continuous process
Conduct instructions regularly, so your staff will be always on guard. This way your employees will always be ready for an attack. You may send them emails with cybersecurity precautions, so your hotel safety is always on their mind.