The hospitality industry must take a strategic approach to tackling cyber security.

Rupert Gutteridge talks about tackling cyber security

As the range of technology platforms and tools continues to expand and evolve, so too does the risk of a cyber-attack and the strain on a company’s operations that comes with it.

Such a risk is becoming an increasing challenge for both the hospitality industry and the wider leisure industry as firms become ever more reliant on technology to facilitate payments, for example, in addition to the general move towards cloud computing.

Official figures value the cost of cybercrime to the UK economy at £10.9 billion in 2015-16 (according to data from Get Safe Online and Action Fraud, published in October 2016). Despite this, it is estimated that only 10 per cent of chief executives have taken proactive steps to protect their company’s technology - the foundation of their operations.

In an effort to motivate companies to take cyber security and data management more seriously, the new EU GDPR regulations governing the protection and handling of data are due to come into effect in May next year, bringing with them severe penalties for companies that breach them. As a result, it is more important than ever for senior management to take steps to protect their companies and the personal data they hold.

So how should hospitality companies navigate their way through this brave new world and ensure their data, assets and operations are best protected?  One area that does demand a priority focus, in an industry that is characterised by a high volume of transactions, is payment security.

In the current hospitality market, there are a huge number of service providers providing online payment tools. This, in turn, demands a high level of security across the payment processes to ensure payments are made safely and securely to deliver peace of mind to both the guest and the operator. To achieve this, operators must ensure that the payment services they offer are Level 1 payment card industry (PCI) compliant. Having such secure payment gateway services in place can enable hoteliers to process their customers’ card transactions in a totally PCI compliant way. They can also benefit from a safe and secure method of storing and processing credit card details which can form part of their overall PCI compliant policy.


Both government and the industry continue to take proactive steps to tackle the threat of cyber security. Without an effective strategy and tools in place, many hoteliers run the risk of compromising the safety and security of their guests and their operations, therefore leaving themselves vulnerable to a cyber-crime attack. Remaining vigilant and ensuring your operating systems are regularly updated is key.

Hoteliers cannot afford to be complacent. Guest data is a valuable resource for the protection of your business and the consequences of not safeguarding it can be severe.  Being prepared is an ingrained service ethos of the hospitality industry, and it has never been more important to transfer these skills across to fully secure your systems and technical support.

Posted in: