The hospitality and food and beverage industries are the second and third most frequently targeted industries of cyber criminals per the 2015 Trustwave Global Security Report. While the report states that 65 percent of breaches were through POS terminals, the other 35 percent of vulnerabilities were due to the large number of partners they work with. Booking partners that handle room bookings, flights, and car rentals are also vulnerable due to the massive amount of valuable data that they store for their customers. Data stored includes names, addresses, credit card numbers, even passport and driver’s license numbers, but travellers still see the hospitality industry as a low risk for identity theft. People, processes, and technology must come together to prioritise strong data security to protect sensitive data. To do this, an organisation needs access to a cybersecurity expert in Jamaica that will make security a 24/7 priority, help make data security an integrated part of the organisation’s culture, and implement real-time monitoring to prevent information from leaving the organisation.
Defending Against a Pattern of Attacks
Because attacks aren’t often publicised, but are occurring more frequently, it is important to make security a 24/7 priority. A quick monthly check for critical updates will not keep data secure. Cyber criminals strike as soon as a vulnerability has been found. Every day checks for all patch and update types on all user machines, servers, firewalls, modems, routers, and any other machines on the network must be done to reduce the chance of allowing sensitive data to leave the organisation. This is true for even small hotels and hospitality businesses, as cyber criminals see them as especially vulnerable.
Data security must be deeply ingrained into an organisation’s culture. Nearly all data breaches are the result of human error. Everyone in the organisation needs to be trained to detect attempts to socially engineer sensitive information from them and abide by password change policies.
Implement intrusion detection. With so many business partners, the hospitality industry must accept the likelihood that either their systems or their partners’ may be infected with malware, and it may have been in the system for a very long time. Along with security management and threat intelligence services, implementing intrusion detection can mitigate damage caused by previously unidentified malware and decrease the chances that sensitive information is leaving the organisation.
Impacts of a Breach
Cyber criminals seize any opportunity to capitalise on the data that passes through weak hospitality networks. More than just credit card data, hotels store contact information, birth dates, passport data, and even some medical information, all of which can be used for fraud or extortion. It is critical to understand how data is stored and moved around both inside and outside the organisation to protect the organisation as well as the individuals who could have their personally-identifiable information compromised. The organisation is responsible for reaching out to individuals whose information has been compromised and may face liability claims if it is found that the security was deficient.
To help prevent the possibility of a breach, use security management solutions such as those offered by Info Exchange, leading cybersecurity experts in Jamaica. Contact Info Exchange today at www.infoexchangeja.com, email mybusiness@infoexchangeja.com, or call (876)931-9552 to learn more about how we can protect your organisation and its reputation.
