Freely subscribe to our NEWSLETTER

“This is the latest high-profile attack to impact the hotel sector which has been increasingly targeted in recent times. Financially motivated attackers see hotels as valuable targets due to the vast amount of customer payment card details that they hold. It’s also common to see them leverage hotel loyalty and reward points to fund cyber activities in the criminal underground. There is no doubt that hotels have a target on their back, so their security standards need to be top notch.

This is the second high profile attack on IHG since 2017 when the company experienced a security breach that caused disruption for three months, so it raises the question of whether security processes were adequately updated following the previous attack. As IHG grapples with this latest incident, it needs to analyse all the devices connected to the corporate network to find any problematic ones and then take appropriate action to mitigate any further risk. This could include rolling out a patch or removing certain devices from the network. The problem is, most organisations do not have this level of visibility due to the complexity of their IT environments and the number of different tools that they are using. They can’t fix an issue that they can’t see, so this area is vital.

Another important measure that helps to avoid these types of attacks is having the right company culture. This should prioritise cybersecurity and encourage business stakeholders to work regularly in partnership with IT operations and security professionals. You can’t always stop a sophisticated cyber-attack, but by working together to maintain a good standard of IT hygiene and establishing effective employee awareness training you can certainly make it more difficult for the attackers to be successful.”