Effective January 1, 2019, Hyatt will begin enforcing their Cyber Security Standard for franchise owners and operators. This standard, based on the Center for Internet Security (CIS) Critical Security Control (CSC) v6.1 framework, will include a self-certification process that begins on February 4, 2019 and has a compliance date of March 1, 2019.
VENZA’S Co-Founder and Partner Daniel Johnson, and CIO David Christiansen on why hotels are an easy target for cybercriminals, what specific areas can hotels reduce their risk of being breached, and what’s the future for PCI DSS standards with these emerging alternative payment methods.
Theresa Payton is a veteran cybercrime fighter who has brought her expertise to everything from the White House as a former chief information officer to the CBS show “Hunted,” where she plays a recurring role as herself. The president and CEO of Fortalice Solutions and co-founder of Dark Cubed recently addressed thousands of hospitality professionals […]
By Jeff Venza, President & CEO Hotel management companies are asking, how does the new privacy act in California compare to the new European Union privacy law? Here is a side-by-side comparison which reveals a few things that hotels should know. The delta between the EU Privacy Law (GDPR) to the California Consumer Privacy Act (CCPA) is: […]
A recent article in CSO magazine references the Cybersecurity Disclosure Act (CDA) of 2015 (proposed last December) and the wide-reaching impact the passing of that law might have. Not least of which is the central role that company leadership must take toward data security risk management. The article begins with the following statement: “Laws frequently […]
On August 28th, the Payment Card Industry (PCI) Security Standards Council published an information supplement entitled, “Best Practices for Maintaining PCI DSS Compliance,” which contains important guidance for all companies, including hotels, that store, process, or transmit cardholder data. In the document, the Council cited statistics demonstrating that “organizations that suffered a data breach were […]
Payment Card Industry Council Says Companies are Responsible for Third Party Security and Compliance
On August 7th, the Payment Card Industry Security Standards Council, the payment card industry’s self-regulatory body, issued new guidance for companies, such as hotels, that share cardholder payment data with third party service providers. The Council released the guidance, entitled the “Third-Party Security Assurance Information Supplement,” in response to its findings that the leading mistake […]