Chris Zoladz founded Navigate LCC, an information protection privacy consultancy, eight years ago to help clients create and refine data breach response plans. According to Zoladz, when a hotel is victim to a cyber attack, it can take anywhere from days to months to determine what actually happened. Therefore, once an attack is confirmed, hotels must act quickly. Zoladz offers four tips for hoteliers facing fallout from a data breach.
1. Don’t deny the problem.
“First and foremost, hoteliers must fight the urge to deny that something bad has happened. Regardless of the nature of the attack, when hoteliers deny the presence of a problem, they are losing valuable time.”
2. Act fast.
“The first 24-48 hours are really critical to minimize damage, preserve the brand’s reputation, and maintain customer trust. Timing is everything in a breach response. You must be able to quickly identify the problem to limit losses.”
3. Engage your staff.
“It is so important to engage all of your team members when it comes to a breach response. While it’s always better to have a plan, if you don’t, then you should immediately identify and engage the necessary members of your team. A timely response is generally going to include representatives from the legal department, information technology, security, communications or public relations, and human resources. You must bring everyone together quickly to control the damage and ensure everyone is on the same page.”
4. Identify a team leader.
“Who is the quarterback of the response? Who is going to ensure that all tasks are completed to comprise an efficient response? Who is going to establish the roles and responsibilities of the various team members? Who is going to approve press releases or responses to the media? Some of that may already be in place during a normal business day, but when these events happen, it is no longer a typical day.”