Guests Believe Hotels Should Invest More in Cybersecurity

Guests Believe Hotels Should Invest More in Cybersecurity

By David DeMoss

We talk very frequently on this blog about how important cybersecurity is, and it’s not without reason. Consumers are now chiming in and stating that they don’t believe that many of the hotels they visit are investing enough in their cyber defense. Why is this important? 46% of consumers say that a hotel’s cybersecurity system influences whether or not they will book a stay with them. While some travelers believe that breach risks are the highest at a restaurant point-of-sale, others believe that a hotel’s WiFi system is at the greatest risk. Whatever the source of the breach is, those using Windows 7 or even Windows XP-based embedded operating systems are putting themselves in greater danger of cybercrime. With the busy holiday season coming up, it’s highly recommended for hoteliers to invest more of their budget into keeping their data safe. More from Esther Hertzfeld, below.

More than 22 million U.S. travelers self-report as being the victim of a cyberattack through their business with hotels, according to the Morphisec 2019 Hospitality Guest Threat Index. The index also found 70 percent of travelers don’t believe the hotels they stay at are investing enough in cybersecurity and nearly half note their trust in a hotel’s cyber defenses influences if they book a stay with them.

The U.S. Department of Commerce shares the sentiments of consumers. Following the Marriott International/Starwood Hotels & Resorts Worldwide breach that was discovered nearly a year ago, U.S. Commerce Secretary Wilbur Ross noted that “many companies have been scrimping on the cybersecurity budget” — both in the hospitality sector and beyond.

With an overwhelming number of consumers stating that the hotels they frequent don’t spend enough to protect their information, Morphisec also examined how lack of trust in a hotelier’s cyber defense could impact current and future business. Nearly half (46 percent) of respondents said their trust in a hotel’s cyber defenses does influence if they book a stay with them, the report states. That number was even higher for female guests, with 49 percent noting a lack of trust in cyber defenses impacting bookings vs. 42 percent of their male counterparts.

Almost 60 percent of consumers said restaurant point-of-sale systems are the most susceptible to cyberattacks within the hospitality industry. Meanwhile, 40 percent of travelers said they believe Wi-Fi breaches pose the most significant threat during their hotel stay, according to the research.

Millennials (24- to 35-year-olds) believe they are most vulnerable to a cybersecurity breach when staying at a traditional hotel rather than when booking with Airbnb. Comparatively, 60 percent of baby boomers (65+) say they are most vulnerable to a cybersecurity breach when booking with Airbnb.

More than 25 million U.S. consumers self-reported that a restaurant visit has resulted in a data breach.

Morphisec surveyed 1,000 consumers, weighted for the U.S. population over the age of 18, to examine how the increasing amount of hospitality cyberattacks and the threat of hackers targeting point-of-sale systems within hotels and restaurants is impacting the mindset of consumers. Earlier this year, Morphisec discovered FIN8, a cybercrime group most known for targeting the retail industry, was actively targeting POS systems within hospitality companies in the U.S. and abroad.

“October is National Cybersecurity Awareness Month and as hospitality companies prepare for the busy holiday travel season, they need to move cybersecurity preparedness to the top of their to-do lists for their growingly leery guests,” Andrew Homer, VP of security strategy at Morphisec, said in a statement. “Increasingly, attackers are targeting weakly defended point-of-sale systems as an entry point into the broader hospitality organization network. With many POS devices in the hospitality industry still running on Windows 7 or even Windows XP-based embedded operating systems, they are increasingly vulnerable to breaches, and cybercrime groups are taking notice.”

To read the full article, click here.