Connect with us

Know

FIBA/FRLA host cybersecurity panel for hospitality executives

Cybersecurity and hospitality professionals came together today to discuss why security training and protocols are essential for businesses.

Michael Connor

Published

17 hours ago

on

From left: Panelists Michael Worlund, Wes Santos, Ean Meyer and Chon Nguyen; moderator Joe Hamilton. Photo by Michael Connor.

Florida-Israel Business Accelerator and Florida Restaurant & Lodging Association hosted the latest in their series of hospitality innovation events Tuesday. This time the topic was cybersecurity and its impact on the hospitality industry. The event, held at the Grand Hyatt Tampa Bay, featured a panel of cybersecurity and hospitality professionals. 

Panelists included Chon Nguyen, Partner, Proper House Group; Wes Santos, General Manager, Art Ovation Hotel, Autograph Collection; Ean Meyer, Security Architect, GuidePoint Security; and Michael Worlund, President, CMIT Solutions of Brandon-Lakeland

Cybersecurity threats occur every day, but the hospitality industry faces unique challenges because its product is leisure. Panelists noted that this creates a higher bar for non-invasive security measures that don’t disrupt the customers relaxation. Santos said that as a hotel operator, he “expects his security methods to be invisible.” 

It’s also an industry where building rapport between employee and guest is a measure of success. It’s that same rapport building that cybercriminals use to social engineer employees into giving up information that can be used in future attacks. 

Often scammers will research company executives and employees in advance on social media platforms to try to find personal details that could help them build a rapport, Meyer said. 

For example, a con artist might see if a hotel manager has a favorite pastime and then make a nod to that hobby when in conversation with the manager. This would help create trust, he added. Once a bond is forged, the manager might be more likely to believe that the scammer is a legitimate guest or vendor, and not someone trying to gain access. 

Some scammers may even try to portray company leadership, Santos said. He experienced it in his own career. A con artist created a fake LinkedIn profile and pretended to be Santos’ CEO and asked him to purchase gift cards for other employees using the company’s funds. 

“All it takes is getting that first entry level manager that’s trying to do the right thing and trying to prove themselves,” he added. “For a split second, even myself, I thought ‘why is this gentleman reaching out to me? I just spoke to him last week.’” 

Training employees “to be on the lookout for these things” is important, Santos said. 

“Verify every time someone calls you or texts you. Make sure you know who that person is,” Worlund added. “Make sure it’s a legitimate request from a legitimate person.” 

“As an operator of restaurants and hotels, just do your best to educate yourselves and show your team members that it’s not something we’re just checking a box for,” Santos told the audience. 

“You want to create a culture of cybersecurity,” Worlund explained. Everyone in a company should be on the same page when it comes to security measures and policies. 

But creating that culture isn’t easy, especially with all the noise and conflicting information in the cybersecurity space. Worlund shared some of the common misconceptions he’s heard from executives just like the ones in the audience. 

One mistake is thinking that antivirus software and firewall systems are enough. Worlund said they aren’t. Most antiviruses are reactive, and not proactive because they “rely on a known and static database of threats.” He said that criminals are now repackaging old viruses and re-releasing them with just enough differences so they don’t trigger the antivirus software.  He added that “the key to security is layering, and there are ways to do that at a reasonable cost.” 

Cost was a hot topic, with all on the panel agreeing it was far too common for companies to underfund cybersecurity initiatives. 

When asked how to prioritize work on a limited budget, Meyer said it was key to truly understand the core business elements required to keep operating if there were an attack, or even a natural disaster. “If you’ve got a connection between to properties that is required to make bookings, what are you going to do if that connection is severed?”

There are many things that can go down that do not cause business to stop. He implored the executives on hand to “find the things that can shut down a business and make a plan to mitigate those risks.” 

Nguyen ended the panel with a call to action: “Just do something. Inaction is probably the worst thing you can do.” 

Joe Hamilton, publisher of the St. Pete Catalyst, moderated the discussion. 

 

 

Share
Tweet
Share
Related Topics:
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Please fill out all the form entries below. We do not publish anonymous comments. Comments are held for moderation per our posting guidelines - please read them. We appreciate your taking the time to share your perspective on how to improve our community.

By posting a comment, I have read, understand and agree to the Posting Guidelines.


The St. Pete Catalyst

The Catalyst honors its name by aggregating & curating the sparks that propel the St Pete engine.  It is a modern news platform, powered by community sourced content and augmented with directed coverage.  Bring your news, your perspective and your spark to the St Pete Catalyst and take your seat at the table.

Email us: spa**@************st.com

Subscribe for Free

Subscription Form

Privacy Policy | Copyright © 2020 St Pete Catalyst

Share with friend

Enter the details of the person you want to share this article with.