By now, the prevalence of ransomware attacks is hardly news. It is well documented that the threat of ransoms has been surging and shows signs of only accelerating in 2023. Ransomware has become so frequent and harmful that top security researchers have referred to it as a “scamdemic.” 

Most hoteliers also probably understand the significant cost of ransomware. In an industry underpinned by guest trust in security, hotels risk severe reputational damage from a public incident, in addition to the ransom’s large direct financial costs.  

This has been made evident in a string of recent attacks targeting hotels. In mid-December, the German H-Hotel chain was hit with an attack that, beyond all the previously noted consequences, left them exposed to a potential GDPR violation. This came on the heels of events targeting Nordic Choice Hotels in Europe and The Allison Inn & Spa in the United States. 

Ransomware has not been limited to large multinational companies, either. Increasingly, cyber actors are targeting “mom and pop” businesses for payments as little as $500. 

In the face of these risks, VENZA recommends approaching ransomware practically. That requires understanding data protection as a process and identifying clear, tangible steps that your organization can take to incrementally improve your security profile over time. 

Below are some of our specific recommendations for how to do so. 

1. Maintain good IT hygiene. 

The best defense against ransomware is prevention. Since the points of entry for an attack are wide-ranging, strong security must be developed comprehensively through a top-to-bottom program that includes the “human firewall”, systems, and physical devices.  

Core elements of this approach include: 

• Enhanced email security, including defense against phishing attacks 
• Hardened infrastructure, including user endpoints 
• Ransomware-proof data with offline backups 
• Comprehensive security awareness training 
• Developing and testing an Incident Response Plan 

Once you’ve made improvements, verify that they are effective with penetration testing, vulnerability scanning, and phishing simulations. 

It may not be possible to eliminate all ransomware risk, but good IT hygiene can decrease your chances of an incident, make cyber criminals less likely to target your organization, and increase the likelihood that you’ll qualify for affordable cyber insurance. 

2. Invest in a Security Operations Center (SOC). 

The days of IT security being managed by a single person, or even a small team, are gone. Responding to modern security threats requires advanced security tools and 24/7/365 coverage. Accordingly, hotels have increasingly turned to managed security service providers like CyberTek MSSP.  

With tools like Endpoint Detection & Response and Log & Threat Monitoring, MSSP engineers can maintain full visibility of your IT systems and use intelligent tools to rapidly quarantine and remove threats. 

Characteristics to look for in a SOC: 

• Automated response. Modern tools can maintain a current index of known threats and use AI and machine learning to automatically block malicious email domains, delete files, ban hashes, or quarantine hosts. 
• Continuous surveillance. Tools should be capable of providing a unified view of your IT environment to comprehensively detect threats around the clock. 
• Industry knowledge. As recent entrants to the MSSP space, some IT security companies lack awareness of the unique structure of hospitality. Finding an MSSP partner that is familiar with the needs of hotels is crucial. 

3. Plan for mitigation. 

With ransomware, it is wise to follow the adage: “hope for the best but prepare for the worst.” You should always assume that a breach is possible and put effort into attack detection and containment. 

VENZA recommends: 

• Developing a playbook for incidents and practicing its execution. Be sure to involve all key stakeholders and have processes defined in advance. Using resources like VENZA’s Policy Template Library gives organizations a formula to start, then tailor to fit their individual structure.
   
• Maintaining awareness of legal obligations, including regulations on payment and reporting. Rules in this area are constantly changing and trending toward a norm of “if you pay something, say something.” 
  
  
• Identify outside resources. Connecting with a high-quality Incident Response Provider and forensic investigators gives you expert guidance to navigate a ransomware event. However, in a real-world scenario, minutes matter, so act now to know who you will turn to in advance. 

• Contain costs with cybersecurity insurance. Third-party coverage is available to offset a portion of the expense of a ransomware event. Insurance is not a standalone solution, but can complement other measures discussed here by creating a financial cushion for affected businesses. 

The threat of ransomware cannot be addressed with one policy or resolved overnight. When approached practically, though, your odds of staying secure can quickly improve. 

Ready totay ahead? Contact Sales to discuss signing up for our programs or adding new solutions to your contract. 

Take VENZA’s free Phishing Test to assess gaps in your human firewall today! 

Get started by determining your risk and readiness level using this free tool.