According to statistics, roughly 45% of the world population has access to the internet today, which amounts to an estimated 3.4 billion individuals. While the near endless possibilities offered by the internet make our lives a lot easier, they are also open to those willing to take advantage of others.
The entire concept of hospitality is revolving around customers, and the ability to know and target them; it requires a great deal of personal information. Hotels are usually data treasure troves, which store personal information of millions of travelers every day. That certainly explains why cybersecurity is one of the big issues for the hospitality industry.
Let’s consider the average hotel stay: the process begins and ends with credit card details. They are a specially weak spot for hotels, as every process, be it online bookings, drinks at the bar or treatments at the spa, requires payment by credit card. Furthermore, they can be hacked in two ways: physically through the cardreading device, or virtually through access of the card details alone. This makes credit cards especially vulnerable and therefore prone to cyberattacks. But the risk of lacking cybersecurity extends further than just guests’ credit cards.
The hotel Wi-Fi, for example, could be used to access guest’s private devices, such as mobile phones and laptops, or personal guest information could be leaked from hotel servers and databases if their protection is lacking. Considering that privacy and discretion are paramount in the hospitality industry, information leaks have huge negative effects for businesses.
Generally, all of the guest data is highly sensitive information which hotels gather and store on a long-term basis, meaning guests are potentially at risk before, during and well after the actual hotel stay. Therefore, hospitality businesses should be very concerned with the security of their data and strive to protect themselves and more importantly, their customers.
Should the case of stolen data occur, the “aftershocks” affecting hospitality businesses can take on huge proportions. The hotel’s problems start with a loss of trust and therefore business by the guests who were affected, and go on to legal issues which could potentially lead to time and money consuming lawsuits. Additionally, the negative publicity would most likely have an impact on the hotel’s reputation and they could consequently suffer significant financial losses. Several prominent hotel chains such as Hilton, Starwood and Trump Hotels, have already been the targets of hacks and data leaks last year. As Hilton operates over 4’500 properties in 97 countries, millions of guests might be affected by the 2015 cyberattack of Hilton alone.
So what can and should be done in order to avoid such disasters?
Firstly, measures should be put in place to prevent cyberattacks from happening in the first place. This could include staff training and awareness, regular system checks, as well as the conducting of regular risk assessments. Hotels should try to keep up with the “trends” of hackers and strive to protect themselves by adapting to popular tricks. Another counter-measure can also take the form of insurance, which would remove some of the financial burden should the hotel be subject to a cyberattack after all. Secondly, hospitality businesses should prepare for the worst-case scenario of being hacked by implementing emergency plans.