We caught up with business partners Mitigo to put them under the spotlight to talk to them about cyber crime within the hospitality industry.
Tell us more about Mitigo and how you help the hospitality industry.
Working in partnership with the Institute of Hospitality and its members, Mitigo offers you a unique cybersecurity service designed to protect you from loss of customer data, financial fraud, business disruption and damage to your reputation. Going beyond just technology, Mitigo will assess the risk to your business, make sure you’re secure, train your people, and keep you secure and in control. All for a competitive fixed monthly cost.
How can you save hospitality businesses time and money?
Mitigo gets your business in fit shape so you don’t need to spend time and money dealing with the consequences of a targeted attack, whether that be loss of data or a disruption to operations. A data breach could cost the business a hefty fine from the ICO. ICO penalties are €20m or 4% of turnover, whichever is higher, potentially devastating for a small hospitality company.
By outsourcing your cyber security to Mitigo you are saving time and money on internal resource. The expertise we provide means you spend less time on trial and error solutions.
We see lots of our clients spending unwarranted amounts of money on extra software to secure systems that, if configured properly would do the job they needed it to in the first place. At Mitigo we look at all the systems in place and advise what is needed to keep you secure.
Most of all we save the time spent worrying about the job ahead. Sometimes the challenge of securing your business can seem like a huge mountain to climb. We will work closely with you and provide a full risk assessment to work out the best path ahead.
Describe some of the other ways you have helped your clients.
We recently helped a client in the hospitality sector that had suffered a malware attack. The malware had been downloaded onto the operation director’s mobile by her clicking on a video link on social media. The software on the mobile wasn’t up to date, if it had been the malware would have been instantly detected. This allowed it to infiltrate the network and email all users on the Office365 Outlook account downloaded to her phone, which then provided access and triggered an email to the customer’s full contact list.
The Mitigo service allowed the organisation to better train its staff to prevent clicking on links in emails and social media that may be malicious, put policies in place to guarantee software is always up to date and secure technology to be resilient. Having your people, policy and technology lined up and working together will reduce the risks in situations such as this.
We’ve helped clients with many other solutions such as; configuration of Office 356 to be resilient against attack, help with gaining accreditations, fulfilling supply chain questionnaires and completing your compliance against the security articles of GDPR.
Is cybercrime still on the rise?
The more connected we become the more opportunities attackers will have to access valuable personal data. Technology has revolutionised organised crime.
The 2019 cyber breaches survey outlines a rise in the number of breaches per organisation. Cybercrime is not only on the rise but getting more sophisticated as attackers quickly learn where vulnerabilities are and use more automated systems to target organisation more specifically.
Tell us about your three steps to cyber security.
At Mitigo we address three pillars of cyber security, these are technology, people and governance.
Technology is about working with your IT people to make sure that you have the right systems in place, and that your network and devices are protected from the ever-increasing range of cyberthreats.
People – though they’re often unaware of it – are by far your most easily exploitable security weakness. So, this is about building knowledge and awareness, and providing the tools to change behaviours.
Governance is about process, the policies, guidance, maintenance and controls that help ensure that systems are working and legally compliant, that people know what’s expected of them and take the appropriate action.
What do you think makes the hospitality industry so special to work in?
The hospitality industry is a vibrant and unique environment and what makes it so special to work in are also the challenges you are faced with daily, such as; the importance of the customer relationship, huge amounts of customer data, staff turnover, lots of daily communications and distributed points of technology due to multiple sites.
If you could only share one piece of advice for hospitality businesses, what would it be?
Don’t do nothing.
Recognise that the world has changed dramatically in a short space of time. There are three key changes that are worth taking note of:
- GDPR represents a huge change in legal obligation. We find that many hospitality companies have geared up to deal with the requests to delete records, but not necessarily to fully comply with the security articles outlined in the new principles.
- The automated nature of attacks now means that it’s not only the large corporates that are being targeted; smaller businesses are being breached daily.
- Your IT supplier won’t cover your cyber security needs. Don’t assume and don’t be complacent.
You are an Institute of Hospitality Business Partner, why is the IoH so important for our industry to support?
In any industry collaboration is vital in order to grow. Innovation only happens when great minds share experiences and work together. The IoH provides the resources and publications for you to do just that.