News & Stories

Marriott’s Massive Cyber Security Data Breach Highlights Need for Risk Management

Posted in Commercial Insurance Tips, Cyber Insurance

Marriott’s Massive Cyber Security Data Breach Highlights Need for Risk Management

In late November 2018, Marriott hotels reported one of the largest security breaches of personal data ever – once again demonstrating the vulnerability of the industry and growing importance of cyber insurance.


Vulnerable Data Calls for Risk Management

It was a rough day for the execs at Marriott. Reports allege that the personal information of up to 500 million guests in its Starwood reservation system may have been exposed in a hack. Compromised personal information could include names, mailing addresses, phone numbers, email addresses, passport numbers, date of births, and even encrypted credit card numbers.

Cyber experts suggest that the Starwood chain may have been a target due to the mass customization and customer service-focus of their operations. The significant amount of personal data held by hotels makes them prime victims of cyber attacks.

READ MORE HERE ›

How Can Your Hotel Business Prepare?

Corporate Account Manager and hotel expert, Steve Cox, shares his top three risk management tips for hotels in the face of growing cyber security threats. 

1. Segment and secure your data

Segment your information between web servers and database servers to make it harder for hackers to access and understand. Additionally, always have a back-up strategy. Your data is your business, but it also your responsibility to protect it. Have a plan in place for how this data will be securely stored and used. 

Maintain your software by always having the most recent editions and keeping up with updates. Companies are constantly improving their cyber security, and using the most up-to-date version will help ensure that cyber criminals cannot easily access the data. 

Install and maintain a firewall and antivirus software on all digital systems that interact directly or indirectly with customer data. Access to client, employee and vendor devices via wireless or LAN connects are a constant risk.  

2. Have the proper insurance policy for your risk

The risk of a cyber security threat is significantly higher in the hospitality industry due to the large amounts of personal information kept on file. Hotels and their staff have many touch points with their clients before, during and after their stay. Malicious materials will seek to access customer information such as addresses, credit cards, spending/ buying preferences and remote electronic access.

Insurance companies offer many different types and sizes of cyber coverage to keep your business safe in the face of costly cyber security threats. These options can include protection from ransomware, work-stoppage, legal fees and IT recovery services. We encourage you to take the time to investigate the best strategy for your needs and to ensure that your insurance policy covers cyber security issues for your hotel.

3. Be smart about responses

A public announcement of the data breach should be made promptly and in an informed manner. Hotel managers should begin by gathering and verifying all relevant information. Take advantage of cybersecurity professionals who can identify sources of intrusion, assess the extent of the breach and provide details of the compromised material.

Hotel managers should also notify their security teams at the corporate level so that actions can be taken to protect related properties and their guests.

Taking these steps will ensure that customers can be properly advised and further exposures are limited.

Does Your Hotel Business Policy Include Cyber Insurance?

If you don't know the answer to this question it's a good idea to speak to your commercial insurance broker sooner than later. As your trusted insurance advisor, your broker will be able to help you understand the impact on your business of the changes to Canada's federal private sector privacy law.

Book an Appointment Today  

Related Articles View All

Marriott’s Massive Cyber Security Data Breach Highlights Need for Risk Management

In late November 2018, Marriott hotels reported one of the largest security breaches of personal data ever – once again demonstrating the vulnerability of the industry and growing importance of cyber insurance.

Understanding Cyber Insurance Technical Terms for Your Business Insurance

As of November 1 2018, businesses must submit formal notification of cyber breaches under Canada's federal private sector privacy law. Learn the key cyber insurance terms in this reference guide. 

New Privacy Rules come in force – making it important that businesses operating in Canada take Cyber Security Seriously

Important changes to Canada's federal private sector privacy law take place on November 1, 2018 – mandating businesses to submit formal notification of any cyber breaches. 

What is Cyber Insurance... and does my business need it?

Cyber Insurance is increasingly becoming one of the most important coverages for all Canadian businesses – and it offers protection against the effects of cyber-related crime against your organization.

‹ Back to Commercial Insurance Tips 

Your quote, your way.

At McConville Omni, we take the time to get to know you – so that we are fully confident that we are bringing you the very best insurance coverage for you, your family and your business.

Get Started With A Professional Broker