Why is Hospitality a High-Risk Industry?

Why is Hospitality a High-Risk Industry?

Hospitality is at a turning point, and businesses can do one of two things: grow, or stay stagnant. No matter which option they choose, many are leaving themselves vulnerable to cybercrime. 

The hospitality industry is one of the top three most vulnerable sectors in terms of cyber attacks. But why? What is it about hospitality that makes it such an attractive target for today’s cyber criminals?

Ultimately, there’s no one overarching reason why hospitality is so at risk. There are many contributing factors, and these factors can largely be attributed to one of two conflicting aspects: growth and stagnation.

Hospitality is at a turning point, and businesses can do one of two things: grow, or stay stagnant. No matter which option they choose, many are leaving themselves vulnerable to cybercrime. 

1. Growth

In a survey of hospitality leaders, almost half said that they believed a growth in data and digital operations to be responsible for the increasing number of attacks. And they certainly have a point.

In a world where personalisation is becoming key to building positive guest experiences, hospitality businesses are implementing new technologies to collect more data than ever before. This makes companies operating within the industry an attractive target for hackers seeking confidential data. 

Consider how different many hospitality venues look now, compared to just a few years ago. Digital transformation was already beginning to sweep the industry prior to the global health crisis. Then, when COVID-19 hit, businesses were forced to adopt digital-first models for continuity. 

Today, businesses have replaced many traditional face-to-face tasks – such as reserving restaurants or booking spa appointments – with online alternatives. They’re accepting payments for more services through digital channels. They’re using network-connected mobile devices across in-house teams. They’re using IoT to enhance the guest experience, and they’re automating many aspects of operations. 

More growth = more systems.

More systems = more potential entry points. 

This is really a double whammy. Hackers have more possible entry points through which they can gain access – and the quality and quantity of the data they can steal once inside is immense. From guest contact details and preferences to travel information and credit card numbers, the wealth of information hackers can get their hands on from hospitality networks is hugely beneficial to them. 

2. Stagnation

On the other end of the scale, those businesses that aren’t embracing growth opportunities are also contributing to the rise in cybercrime. This may come in the form of outdated, unsupported systems, or a lack of staff training. Research cites these two factors as key drivers of vulnerability in hospitality

Consider the use of legacy systems, for example. These systems are often viewed as the ‘safe’ choice. They’re well established; they’re tried and tested. But at the same time, should support and updates cease for software, they no longer form a secure system. Continuing to use these systems rather than embracing new technologies can increase the risk. 

Next, we need to consider staff training. The cybersecurity landscape today looks very different to yesterday. So while staff may have previously been trained in best practices, organisations that do not invest in ongoing training opportunities for the workforce could find themselves facing a significant skills and knowledge gap. Remaining stagnant in a fast-moving landscape isn’t feasible. 

Compliance is not enough

At Reliable Networks, a very common statement we hear from hospitality businesses is “We’re compliant!”. And that’s great. The problem is that no matter whether businesses are taking the growth road or the stagnation road, compliance isn’t enough. However you choose to approach this new era of hospitality, it’s important to remember that there’s a big difference between being compliant, and taking powerful measures to protect your business, your guests, and your future. 

Compliance means operating in accordance with legal regulations and mandatory rules. Using best practices means operating in a way that truly works for you. At Reliable Networks, that’s what we’re here to help with. We’re here to support you in taking the right action to reduce your risk. 

Gregory Olczyk

Gregory Olczyk