Cybercrime Fighter Theresa Payton Talks Data Security and Hotels

Theresa Payton is a veteran cybercrime fighter who has brought her expertise to everything from the White House as a former chief information officer to the CBS show “Hunted,” where she plays a recurring role as herself. The president and CEO of Fortalice Solutions and co-founder of Dark Cubed recently addressed thousands of hospitality professionals […]

What Hotels Need to Know About the California Consumer Privacy Act

By Jeff Venza, President & CEO Hotel management companies are asking, how does the new privacy act in California compare to the new European Union privacy law? Here is a side-by-side comparison which reveals a few things that hotels should know. The delta between the EU Privacy Law (GDPR) to the California Consumer Privacy Act (CCPA) is: […]

Cybersecurity Disclosure Act of 2015

A recent article in CSO magazine references the Cybersecurity Disclosure Act (CDA) of 2015 (proposed last December) and the wide-reaching impact the passing of that law might have. Not least of which is the central role that company leadership must take toward data security risk management. The article begins with the following statement: “Laws frequently […]

PCI Security Council Releases New Best Practices Document for PCI Compliance

On August 28th, the Payment Card Industry (PCI) Security Standards Council published an information supplement entitled, “Best Practices for Maintaining PCI DSS Compliance,” which contains important guidance for all companies, including hotels, that store, process, or transmit cardholder data.  In the document, the Council cited statistics demonstrating that “organizations that suffered a data breach were […]

Payment Card Industry Council Says Companies are Responsible for Third Party Security and Compliance

On August 7th, the Payment Card Industry Security Standards Council, the payment card industry’s self-regulatory body, issued new guidance for companies, such as hotels, that share cardholder payment data with third party service providers.  The Council released the guidance, entitled the “Third-Party Security Assurance Information Supplement,” in response to its findings that the leading mistake […]