Last month, two hotels in Austin, Texas were victims of malware that may have compromised hotel guests’ sensitive credit card information over an approximately 6-month period. This malware incident occurred despite security measures that White Lodging, a company that operates ten properties nationwide (including hotels as a franchisee for Marriott and Starwood), took in response to a prior malware incident in 2014. Mandarin Oriental Hotel Group fell victim to a nearly identical breach in March 2015, when its credit card systems were remotely accessed and customer information was stolen. Unfortunately, these incidents demonstrate that hotel operators’ vulnerability to data breaches remains high.
As cybersecurity storylines permeate the news cycles, hoteliers’ vigilance has increased. But sometimes, it’s better to work smart than to work hard. The proliferation of cybersecurity vendors has created a buyer’s market, however, choosing the right cybersecurity vendor is critical to insuring that your business is protected. Considerations when picking a cybersecurity vendor should include:
- An inquiry of that vendor’s specific experience in different verticals: is its experience primarily in protecting hi-tech manufacturers, but your company is focused on hospitality?
- A deep understanding of what it is that you are seeking to protect: the recipe for Coca-Cola; customer credit card data; proprietary customer lists?
- Whether your prospective vendor’s primary experience is focused on data stored locally, remotely, or in a cloud.
Engaging a cybersecurity vendor to consult on your business’ cybersecurity is no longer optional. Choosing the right expert is, still, rife with potential land mines. While investigating the right cybersecurity firm, be sure to ask the right questions.