Cybersecurity can affect everybody in a hotel. But for many in the industry, cybersecurity is a sensitive issue. Lots of hotels either don’t want to talk about the issue at all or have very little to say.
In a 2016 study from the University of South Florida, the researcher found that most hotels’ cybersecurity practices are not enough to prevent cyber attacks at all. Furthermore, of the guests the researcher interviewed, 100 percent of the respondents said they didn’t want to stay in a hotel that had experienced any sort of data breach. With multiple high-profile incidents happening over the last year alone, it’s definitely an issue worth getting in front of.
At Cordis, Auckland, IT manager Roshan Perera and IT services officer Greg Jenkins are the resident experts on cybersecurity. They explained that what’s needed to fight cybersecurity is a shared plan across the industry.
“If you examine a recent data breach in the Hospitality industry, it’s obvious that there is an absence of an appropriate system or a security vision within the industry,” said Perera and Jenkins.
Roshan Perera IT Manager & Greg Jenkins IT Services Officer, Cordis, Auckland.
“The entire hospitality industry needs a vision for security and that there is much more to cybersecurity and privacy than compliance or risk. It is important for key players in the industry to develop an appropriate vision in conjunction with compliance and risk. Once a vision has been set then a strategy to deliver the vision should be developed, and this will be every person’s responsibility.
If hotels are unwilling to talk about the issue though it makes it hard to see a scenario where the industry comes together to fight it. This is particularly concerning because of the industry’s vulnerability to cyber threats.
“The hospitality industry, in general, is the most susceptible to cyber-attacks and we at Cordis Auckland keep a diligent eye. We have invested in security infrastructure and building the security awareness within the Cordis team,” said Perera and Jenkins.
According to research from Lloyds of London insurance, 90 percent of big businesses in Europe have been attacked by cybercriminals in the last five years. Of those 90 percent, only half were being concerned about being attacked again. This sort of thinking is particularly risk as cybersecurity is a threat that grows and evolves. The team at Cordis, Auckland has seen it change and adapted to it.
“For the past four to five years it has been very challenging as the internal and external threats has increased tremendously, like fake accounts and intrusions via botnets targeting the reservations, sales and finance teams have become a nuisance. Most of these attacks came from browser impersonators.”
Some baseline evaluation services like the National Institute of Standards and Technology’s Cybersecurity Framework in the US gives companies a benchmark to compare to against their peers. Until most hotel brands agree to a set of standards, the industry’s approach to the issue will be scattered and unified.
