Why Hotel Operators Need to Concentrate on Technology Compliance & Cybersecurity in 2022

In their 2021 mid-year cyberthreat report, SonicWall identifies that the US was by far the biggest victim of ransomware. The report identifies an alarming rise in the number of ransomware, malware, and IoT attacks across the world. 

Mostly attributed to the massive migration to touchless services, remote work, and digital services to get life going after the pandemic, this sharp rise in cyber threats was also identified by Nusoire in their Q2 2021 Threat Landscape Report:

  • Malware events 3,718,947
  • Exploit events 19,371,167 
  • Botnet Events 540,332

Hospitality Businesses – Technology Compliance and Cybersecurity  

While the ever increasing trend of technology migration and digitization has allowed hotels and resorts to significantly enhance their services, it has given rise to several security issues across properties. 

Historically there have been serious cybersecurity threats for the hospitality sector, primarily because of the sheer amounts of data they carry. The crucial need to collect guest data and the access hotels have to payment data makes the hospitality a top ransomware victim. 

Hospitality operators must ensure the compliance and security of their technology assets, in accordance with prevailing guidelines like the 12 PCI compliance rules. Enforcing these simple rules allows hoteliers to identify threat surfaces, technology gaps, and allows them to look at more critical issues like efficiency and technology performance. 

Why Hoteliers Needs Technology Compliance and Cybersecurity in 2022

The phenomenal increase in cyberthreats is affecting business in a time when hospitality is already getting back to recovery. One of the latest cases was at the Melia Hotels International in one of their Spain properties. 

Melia Hotels reported on October 4th 2021 that their web based reservation system and their internal work network was hacked during the breach. 

Today, hotels and resorts are dependent on technology to assist in back-office operations, like payments, inventory, room service, check-in and reservations. Now with mobile based room keys and digital payments becoming popular it has become critical to be compliant and secure. 

Technology deployed in hotels including computers, phones, smart TVs, POS machines and the WIFI networks they consume are highly vulnerable to ransomware events. Cybercriminals usually lock down systems using malware demanding ransom payments to unlock the data.

Cybersecurity company IRONSCALES estimates that the average cost of a cyberthreat event can be up to $4.2 million.

One of the most popular breach events is that conducted through hotel payment systems, usually acquired through hacking a 3rd party vendor. Hotel operators must ensure their technology assets are compliant and from a vetted third party vendor. This is where professional vendor management is essential for hospitality operators.  

At AHT Inc. our business risk assessment services ensure exactly that. Our technology management professionals identify all risks to the payment platform and POS machines, these liabilities are then mitigated by developing a complete security regimen. The liability of a data breach is therefore shifted from the hotel to the vendor. 

In 2018, an IBM research report identified that human error was the leading factor that causes data breaches in organizations. One of the biggest challenges for hotel operators is to ensure the timely and relevant training of their staff members.  

Phishing scams and clickbait events are usually triggered through human error. It is essential for the hotel management and staff to understand the types of cyber events they can face, in addition to how to counter such events in real time. 


As more hotel services are migrated to technology, it becomes even more important for the hotelier to mitigate against the arising liabilities. Data management and information security are essential to maintain a safe work environment and delightful guest experiences.

Learn more about liability management and risk assessment from one of our sales team. Our team is available on Live Chat to help you 24 hours.