Security News > 2021 > April > Cybersecurity guide for the hospitality industry

A practical cybersecurity guide from the National Institute of Standards and Technology can help hotel owners reduce the risks to a highly vulnerable and attractive target for hackers: the hotel property management system, which stores guests' personal information and credit card data.

"We have demonstrated that cybersecurity risk can be mitigated in and around a property management system using today's technology," said Bill Newhouse of NIST's National Cybersecurity Center of Excellence.

"Our practice guide documents how we enabled cybersecurity concepts such as zero trust architecture, moving target defense, tokenization of credit card data, and role-based authentication in a reference design that addresses cybersecurity and privacy risk. We also offer specific use cases to show the functionality of the design."

According to a recent industry report, hospitality ranked third among industries compromised by cybersecurity breaches in 2019, and the industry suffered 13% of the total incidents.

The NCCoE collaborated with the hospitality business community and cybersecurity technology providers to build an example system, or "PMS reference design," that simulates a hotel's PMS and connected IT infrastructure, including an electronic payment system and electronic door locks.

The practice guide also introduces the tenets and components found in a recent NIST publication on zero trust architecture, a cybersecurity paradigm focused on resource protection.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/ZYIVUOJKR1E/