A new cybersecurity risk assessment framework for the hospitality industry: techniques and methods for enhanced data protection and threat mitigation

Abstract

Purpose: The purpose of this research is to emphasize the importance of cybersecurity in the hospitality industry and to propose a particular cybersecurity framework of best practices and techniques to mitigate vulnerabilities and prevent cyberattacks in hotels. Design/methodology/approach: Exploratory research was conducted through semi-structured interviews with hotel managers. The interview content enables the retrieval of real-case cybersecurity incidents, identifies hotels’ vulnerabilities and suggests a new methodological approach to conduct risk assessment in the hospitality industry to mitigate threats and ensure cybersecurity and data protection. Findings: Research results show that hotels need to prioritize cybersecurity and limit cyber threats. To achieve this, hotels must develop effective risk assessment methods and mechanisms followed by implementing the necessary technical and organizational measures to mitigate threats and vulnerabilities, prevent malicious cyberattacks and ensure information security. Originality/value: This research highlights a new methodological approach to perform effective risk assessment in the hospitality industry as well as a framework of cybersecurity methods and techniques to implement effective controls and mitigate cybersecurity risks.