Top cybersecurity challenges faced by modern hoteliers and how they can protect their guests

In recent years, security breaches at prominent hotel chains have made headlines and served as a wake-up call to the industry. To fully understand the magnitude of the circumstances, these sorts of breaches have increased by 11% since 2018 and 67% since 2014. This challenge, combined with other risks such as liability, compliance and guest safety represents a difficult post-pandemic road to recovery for the hospitality industry.

Challenges hotels are confronting

Why is the hospitality sector becoming such a target for cybercrime? For one, while hospitality enterprises conduct fewer transactions than other retail establishments, they collect more valuable, sustainable and varied personally identified information (PII) for each of their guests. Consequently, hospitality is one of the top-5 most breached industries. Guest data is highly sensitive information that hotels gather and store on a long-term basis. What this means is that guests are potentially at risk before, during and well after the actual hotel stay. By hacking a hospitality organization, a cybercriminal stands to gain vitally important personal information which may include:

• Guest names
• Addresses
• Phone numbers
• Birthdates
• Credit card numbers

Currently, 50 percent of hospitality executives are investing in active Internet of Things (IoT) related projects, such as occupancy sensors to facilitate room cleaning, smart HVAC systems to save money, connected room service trays to improve service, biometrics to speed check-in and increase security and many others. These innovations are important ways to improve and personalize the overall guest experience and manage costs, however, there is a downside—they increase the number of potential security vulnerabilities. Add aging technology infrastructure into the mix, and it's no wonder hospitality is one of the more vulnerable industries. The truth is, however, even before hotels began to attempt to deliver an elevated guest experience, the core functionality and structure of most hospitality companies make them particularly vulnerable to cyber-attacks. Hotels run a massive number of endpoints and remote connections. The IoT features in modern hotels simply provide cybercriminals with easy access points into a hotel’s network. For hoteliers with multiple locations, each represents a connection to the network— meaning only one needs to be breached to compromise the business.

To protect their networks and critical guest data, many hotels are working to stay ahead of new risks by investing in cybersecurity solutions. Even so, IT leaders are finding it difficult to manage the volume and complexity of security alerts. It has now reached a point where 42 percent of security professionals say their organization ignores a significant number of alerts because they are simply unable to keep up.

How hotels can protect their networks

It is essential that hotel operators implement an action plan in the event of an inevitable cybersecurity attack. Some of the critical tasks to deploy include:

• Considering the state of your security
• Running tests to assess your cybercrime vulnerability
• Responding to a breach, if necessary
• Working with local, state, and federal authorities

If hospitality companies want to secure themselves, they have to take the critical first step: accept the fact that they run the risk of being breached. Organizations should also explore these essential security measures:

• Hoteliers must modernize their infrastructure
• Train their staff
• Hold their partners accountable
   

What is the right protection for your property?

Keeping a step ahead of cybersecurity threats to your network requires comprehensive and coordinated coverage. Some of these measures include firewalls, unified threat management (UTM), DDoS protection and the support of a network services provider to deliver managed service solutions. When it’s time to evaluate a managed network service provider solution, it’s important that you ask the following questions to find the best protection possible.

• How can you protect us from malware, phishing and other common hotel cyberattacks?
• What protection do you provide against volumetric DDoS attacks?
• Do you provide UTM? What protection does that provide?
• Can your firewall protect traffic between our various sites as well?
• Is a next-generation firewall part of what you offer? What does it provide?
• Do you have an integrated solution that includes a firewall, UTM and internet service to simplify protection?
• Threats are evolving, and our network is always changing and growing. Can you support us and our network investment as the environment and our needs change?
• We have a small technology staff. How can you offload day-to-day administrative work from our staff?
• What type of team and experts will we have access to for service?

It is worth noting, that most experts believe that the cost of implementing new solutions will be considerably less than continuing with their current technology stack, only to end up with unusable and unstable systems within five years. By making decisions with this mindset and instituting best practices for implementing new and emerging technology, hoteliers can achieve their business objectives and reduce the threat of cybersecurity issues in the future.

Spectrum Enterprise can help you confidently navigate the current landscape of cyberthreats by supplying more than just traditional cybersecurity measures for hospitality. With our expertise and the strength of our secure network, we can expertly deliver coordinated protection with sophisticated solutions built to reduce administrative effort and deliver an approach to security that elegantly extends from our network to your organization.