Digital Bodyguard
By Heinz Wehrle on 29/03/2022
Digital Bodyguard as Part of Hotel Asset Management
Taking care of a hotel property as the owners’ representative encompasses supporting the operators and ensuring the future protection of valuable data.
Digitalization has tremendously transformed the way business is conducted over the past decades. These technological innovations have also led to an altered criminal business model. Whereas in the early days of digitalization cybercriminals targeted specific companies for industrial espionage, or to increase their reputation amongst the hacker community, the model has now changed to pure hacking-for-profit, targeting any potential victim.
Unlike physical security items such as fire alarms and smoke detectors, and the physical threat itself – a fire – which are visible to anybody, cybersecurity cannot be seen from the outside, and prevention, as well as threats, can only be assessed by seasoned experts. To continue the fire analogy: the effects of an actual fire are widely known – property destruction, loss of revenue, bodily harm and, in the event of violations, regulatory fines. Although cybersecurity incidents only seldom lead to bodily harm, they can result in the destruction of property (data), loss of revenue (non-functional IT systems), as well as regulatory fines (GDPR) and reputational damage.
In the hospitality industry, guests trust their hosts to provide a pleasant and safe experience during their stay. Therefore, it is of the utmost importance to ensure that these non-tangible cybersecurity measures are kept to a high standard as well.
Similar to physical security, cybersecurity measures are implemented, monitored and controlled in multiple layers, comparable to an onion. To reach the inner layers of the onion, a threat or attacker has to pass through multiple layers from the outside towards the centre. In the hotel industry, these layers would be the property grounds, the actual building, the inner common areas, employee-only areas and ultimately the guests’ rooms. In terms of cybersecurity, the corresponding layers are as follows:
The Darknet
Whilst the Darknet might appear similar to the internet, it has two fundamental differences: there are no generally available search engines that provide all the information one might look for, and there are no legal processes or entities that could remove sensitive or unlawfully obtained information. Sensitive data will often be posted on the Darknet either to blackmail the affected entity or to tease its content in order to sell it to other criminals. Therefore, it is important to continuously monitor the information available about an entity and to respond with countermeasures that prevent more information from leaking to criminals and/or minimize damages.
The Internet
Despite being one of the most impactful innovations of the last 50 years, the internet also poses risks to a business. These risks and threats include cyberattacks, social engineering and the impersonation of brands, businesses or people. Nowadays, a hijacked social media account can do tremendous damage to the reputation of and trust in a company and, in the worst case, drive down the stock price, thus decreasing the business value. With the right partner at hand, this information can be monitored, controlled and, if necessary, removed.
The Internet-Uplink
The actual connection point between the hotel property and the World Wide Web serves multiple purposes. It often hosts various services like websites, mail servers or other services available to the public. From the inside, the uplink is used either by staff to conduct business or by guests, who expect a fast surfing experience. The perimeter also acts as an interface to third-party partners, who either submit or receive information. If these interfaces are not carefully implemented, a business might suffer from a so-called supply chain attack, where the attacker gains access to (multiple) businesses at once by infiltrating just one common supplier in the supply chain. If this perimeter is not carefully planned, maintained or audited, cybercriminals will be able to cross the barrier into the property itself by means of viruses, Trojans, ransomware or other types of malware.
The internal IT-Infrastructure
Once an attacker has gained a foothold inside the business, it is unfortunately often too easy to gain full control over all systems and their data. Depending on the attacker’s intention, the area of focus would be espionage on VIPs, theft of personal information, theft of credit card data or flipping the kill switch and deploying ransomware, rendering all IT systems unusable. These attacks are especially heinous, as an attacker can usually move freely, avoid detection, and search for and find the assets that are most valuable from an attacker’s point of view (often the most damaging for a business to lose). A disastrous example from the hotel industry would be either the theft of all the confidential client data, which would lead to identity theft and massive reputational damage, or the complete deactivation of a keyless entry system, which would make the property uninhabitable until the problem could be fixed.
Whilst a single hotel might be able to get quick help from the supplier, a supply chain attack on the vendor side could make an enormous number of properties unavailable and, even with the supplier’s best intentions, leave them out of business for multiple weeks or months.
Horwath HTL partnered with ENYO Cyber Intelligence as we have a common goal – to help the business cultivate a high level of asset value whilst maintaining a steady income and growth for the future. As the past few years have shown, criminals are becoming more sophisticated, and damages resulting from cyberattacks are increasing. Equally, fines resulting from regulations become an incalculable risk if no proper controls and management are implemented, resulting in an increased level of uncertainty concerning the business success.
ENYO Cyber Intelligence (powered by ARES) identify themselves as digital bodyguards. Since no physical bodyguard would provide a client with a bulletproof vest and wish them good luck in using it, they see themselves as full-service partners in matters of cybersecurity, offering a wide range of customized, managed services. These range from Darknet investigation, digital risk protection and penetration testing to high-level consulting services in the areas of GDPR, ISMS and cyber crisis assessments, thus improving the resilience against cyber-attacks and lowering the risk.