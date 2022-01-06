With the end to the international pandemic travel ban, the hospitality industry is preparing for a surge of friends, families, and tourist gatherings in 2022. As more travelers seek leisure time in many U.S. locations, preparing for cybersecurity attacks should be a top priority as hotels handle more personal data about their customers, which is especially important for those in the hospitality business who streamlined and digitized operations during the COVID-19 pandemic.

With digital systems in place for operations including reservation systems, app-based food delivery services, and in-room TVs to name a few, the number of vulnerabilities and the potential for costly ransomware has grown significantly in recent years. Falling victim to phishing or other cybersecurity attacks could cease operations and tarnish a brand’s reputation.

Common Hacking Techniques

Hackers have a variety of strategies and tools at their disposal to steal valuable company data. Among the most common—and one that employees are often least prepared for—is phishing. Phishing is a cybercrime that uses tactics such as deceptive emails, websites, and text messages to steal confidential personal and corporate information. Using these communication platforms, hackers use social engineering to trick users into giving them access to company networks, often in areas like payroll or accounts payable, to steal money and personal information.

Advertisement

A step beyond phishing is malware, which is intrusive software designed to damage and destroy computers and networks with malicious software like viruses, worms, spyware, and ransomware. Ransomware is a particularly devastating attack that freezes users out of their systems until a hefty ransom is paid.

Of particular note in the hospitality industry are Denial-of-Service attacks. Several recent high-profile security breaches have afflicted a variety of companies in the hospitality industry and beyond.

The Human Element

Hacking techniques continue to grow in sophistication and scale, and even small operators in the hospitality industry are vulnerable. Among the many ways to protect against these future threats, including virus software and multi-factor authentication to access company systems, the human element remains essential. As more employees work remotely and beyond the safety of the internal corporate network on their personal devices, employees need more training to reduce the risk of cyberattacks.

Proactive Preparedness Strategies

While employee training to keep businesses and customers safe is a great start, it’s just one piece of a larger strategy hospitality companies should consider to be more proactive in their cybersecurity efforts.

Regular risk assessments conducted by third-party companies, for example, can stress test processes, IT architectures, and critical business and customer applications for any weaknesses. An incident response plan that is updated regularly in collaboration with IT, security, and executive leadership should include operational and technical controls that enable secure digital transformation and assist in preventing data breaches. The plan should also adhere to the compliance domestic and international requirements internationally such as the General Data Protection Regulation (GDPR) in the European Union and the global Payment Card Industry Data Security Standard (PCI DSS).

Having a cybersecurity plan in place with the appropriate operational and technical controls, including employee training, is essential to building and maintaining customer trust and ensuring continuity of operations and revenue.

The hospitality industry is built on providing customers with memorable experiences they can trust. Because the industry is positioned at the convergence of mobile devices and enterprise technology, a modern comprehensive approach to aligning to the challenges of cybersecurity attacks in the hospitality industry is essential.

About the Author

Chris Lewter, Vice President of Sales, Wireline, Verizon Business Markets.