Banner triangles

Hotel industry does not fully understand cyber risks, expert panel hears

The hotel industry needs to do more to protect itself from the threat of cyber attacks and IT failures, national law firm Shoosmiths is warning.

At a cyber security workshop led by Shoosmiths partner Ed John, half of the senior figures from the hospitality industry who were surveyed admitted they did not know whether their businesses had suffered any losses due to IT failures. On top of this, 71% said they had not or were unsure if their businesses had carried out a cyber security risk assessment.

Ed said that an industry so reliant on IT and one which handled such a large amount of personal data needed to do more to ensure it could protect itself - and its customers - from data breaches.

"At a time when data can be used and abused in so many ways, it is crucial that any industry puts in place a raft of protective measures that will ensure its customers' safety and minimise the risk of damaging a company's reputation - sometimes irreparably," he added.

"At the very least I would expect organisations to be conducting a cyber risk assessment. Some of the results of our poll were surprising; the general consensus of the day was that the discussions were an eye-opener for many and has certainly pushed this issue firmly up their agenda."

The workshop panel also included Jesus Molina, co-chair of Security Working Group at Industrial Internet Consortium; ISG Technology Solutions head of technology Paul Cook; UKGlobal Broking Group director Richard Hodson; and Moyn Uddin, cyber security consultant at QDOS Communications.

Another topic which was also covered in detail included the General Data Protection Regulation (GDPR), which comes into effect on 25 May 2018. GDPR will significantly heighten the responsibilities of data controllers and processors as well as the rights of individuals. It will also introduce potential fines for non-compliance of up to 4% of an organisation's global annual group turnover.

To steer organisations through the introduction of GDPR, Shoosmiths has set up an online GDPR Hub. Led by partner JP Buckley, it contains a range of toolkits and services - from easy to understand bite-size downloads of the key changes in the GDPR through to our bespoke methodology for addressing GDPR readiness. This - the GDPR DRIVE - is Shoosmiths' configurable methodology for ensuring businesses can be ready for May 2018.

The workshop took place at the Annual Hotel Conference at the Hilton Deansgate, Manchester on 12 October 2017.


This information is for educational purposes only and does not constitute legal advice. It is recommended that specific professional advice is sought before acting on any of the information given. © Shoosmiths LLP 2022.


Read the latest articles and commentary from Shoosmiths or you can explore our full insights library.