The Centripetal Blog

Cybersecurity in Hospitality – Protecting Hotels, Restaurants, and Resorts from Cyber Threats

Posted by Byron Rashed on July 27, 2021

No industry has undergone such a dramatic evolution in recent years as the hospitality industry. To keep up with customer demand for convenience and accommodate COVID-19 restrictions, many hospitality businesses have digitized dramatically, implementing reservation apps, digital payments, and online loyalty programs. This explosion of data has made the hospitality sector easy prey for hackers, with 22 million U.S travellers reported as being a victim of a cyber attack at hotels.

Easy prey for hackers

The interconnected digital environments within hotels and holiday resorts are a particularly weak spot, all containing card-reading and POS devices and storing customer data long after guests have left. With individual hotels, resorts, and restaurants often connected to the organization’s national or international network, only one location needs to be breached before the entire company is at risk. Malicious actors can also gain access to personal data from smart televisions, biometric keys, and hotel WiFi in spear phishing attacks like DarkHotel. These breaches cost not only business revenue for recovery and fines, but also risk customer trust and reputation within the industry.

Supply chain risk

The hospitality industry also relies heavily on third parties including reservation platforms, food suppliers, and POS system vendors, all of which can bring their own vulnerabilities. Supply chain incidents, like the 2019 French booking firm breach that impacted 600,000 hotels worldwide, are likely to increase as more companies move their data to cloud and SaaS platforms.

A lack of internal resources

Networks within hospitality businesses are in constant use from countless hosts. Many employees who interface with computers in hotels, restaurants, and resorts do not have extensive cybersecurity training or an IT department on hand, so may not be able to spot cybersecurity threats or know how to act on them. With no internal IT team, small and midsized hospitality businesses are challenged with managing compliance efforts for regulations such as the CCPA and GDPR, the latter of which Marriott was fined $23.9 million for breaching in 2020.

In-depth threat visibility for hospitality

To better their cybersecurity posture, hospitality organizations need in-depth threat visibility and automated compliance features that can be managed efficiently by busy staff. A proactive strategy that includes real-time threat detection is vital, particularly considering it takes an average of 195 days for businesses in the hospitality sector to detect a breach.

At Centripetal, we developed CleanINTERNET to provide in-depth, proactive threat intelligence that can bolster cybersecurity posture for hospitality organizations of all sizes, from large franchises to smaller companies. CleanINTERNET aggregates over 3,500 cyber threat feeds for you, analyzing and shielding threats on your behalf and delivering comprehensive, relevant findings to you through our team of expert threat analysts. This alleviates the burden on your existing security team, letting staff focus on your customers and mission-critical business operations. CleanINTERNET saves millions of dollars on separate cyber threat intelligence feeds, helping to mitigate the risk of non-compliance and better positioning hospitality organizations to maintain effective cybersecurity.

Speak to one of our team about mitigating cyber risks in the hospitality sector and mitigating threats with CleanINTERNET.

Tags: CleanINTERNET, Cyber Threat Intelligence, Hospitality