Get 20M+ Full-Text Papers For Less Than $1.50/day. Start a 14-Day Trial for You or Your Team.

Learn More →

Data breaches in hospitality: is the industry different?

Data breaches in hospitality: is the industry different? The purpose of this study is to expand on the existing literature by specifically examining data security incidents within the hospitality industry, assessing origins and causes, comparing breaches within the industry with those of other industries and identifying areas of concern.Design/methodology/approachA sample of data breach incidents is drawn from the Verizon VERIS Community Database (VCDB). Statistical comparisons between hospitality and non-hospitality industry firms are conducted following the Verizon A4 threat framework.FindingsThe results reveal that breaches between hospitality and non-hospitality firms differ significantly in terms of actors, actions, assets and attributes. Specifically, proportions of breaches in the hospitality industry are larger in terms of external actors, hacking and malware, user devices compromised and integrity violations. Additionally, compared to other industries, point-of-sales (POS) system breaches occur at a higher rate in the hospitality industry. The study finds that company size, hacking and malware predict the likelihood of a POS breach.Research limitations/implicationsThe study uses secondary data and does not include the entire universe of data breaches.Originality/valueIn the quest to reduce data breach incidents, it is imperative to identify and assess the nature of data breach incidents between industries. Doing so permits the development of targeted industry-specific solutions rather than generic ones. This study systematically identifies differences between hospitality and non-hospitality data security incidents and then suggests areas where hospitality companies should focus future attention to mitigate breach incidents. http://www.deepdyve.com/assets/images/DeepDyve-Logo-lg.png Journal of Hospitality and Tourism Technology Emerald Publishing

Data breaches in hospitality: is the industry different?

Download PDF
17 pages

Loading next page...
 
/lp/emerald-publishing/data-breaches-in-hospitality-is-the-industry-different-UxL0hv0wN1
Publisher
Emerald Publishing
Copyright
© Emerald Publishing Limited
ISSN
1757-9880
DOI
10.1108/jhtt-11-2019-0138
Publisher site
See Article on Publisher Site

Abstract

The purpose of this study is to expand on the existing literature by specifically examining data security incidents within the hospitality industry, assessing origins and causes, comparing breaches within the industry with those of other industries and identifying areas of concern.Design/methodology/approachA sample of data breach incidents is drawn from the Verizon VERIS Community Database (VCDB). Statistical comparisons between hospitality and non-hospitality industry firms are conducted following the Verizon A4 threat framework.FindingsThe results reveal that breaches between hospitality and non-hospitality firms differ significantly in terms of actors, actions, assets and attributes. Specifically, proportions of breaches in the hospitality industry are larger in terms of external actors, hacking and malware, user devices compromised and integrity violations. Additionally, compared to other industries, point-of-sales (POS) system breaches occur at a higher rate in the hospitality industry. The study finds that company size, hacking and malware predict the likelihood of a POS breach.Research limitations/implicationsThe study uses secondary data and does not include the entire universe of data breaches.Originality/valueIn the quest to reduce data breach incidents, it is imperative to identify and assess the nature of data breach incidents between industries. Doing so permits the development of targeted industry-specific solutions rather than generic ones. This study systematically identifies differences between hospitality and non-hospitality data security incidents and then suggests areas where hospitality companies should focus future attention to mitigate breach incidents.

Journal

Journal of Hospitality and Tourism TechnologyEmerald Publishing

Published: Oct 31, 2020

Keywords: Data breach; Data security; Cybersecurity; Information security; Hacking; Malware; Data vulnerability; Hospitality industry; 数据泄露; 数据安全; 网络安全; 信息安全; 黑客; 病毒; 数据脆弱性; 酒店业

References

  • Is there a cost to privacy breaches? An event study
    Acquisti, A.; Friedman, R.; Telang, R.
  • Security: steps every organization should already be taking, but aren’t
    Almosny, A.; Ostuni, C.
  • Do firms underreport information on cyber-attacks? Evidence from capital markets
    Amir, E.; Levi, S.; Livne, T.
  • The impact of an information security breach on hotel guest perception of service quality, satisfaction, revisit intentions and word-of-mouth
    Berezina, K.; Cobanoglu, C.; Miller, B.L.; Kwansa, F.A.
  • Securing the point of sale
    Caldwell, T.
  • The effect of internet security breach announcements on market value: capital market reactions for breached firms and internet security developers
    Cavusoglu, H.; Mishra, B.; Raghunathan, S.
  • The inhospitable vulnerability: a need for cybersecurity risk assessment in the hospitality industry
    Chen, H.S.; Fiscus, J.
  • Healthcare data breaches: implications for digital forensic readiness
    Chernyshev, M.; Zeadally, S.; Baig, Z.
  • To be secure or not to be
    Cobanoglu, C.; Demicco, F.J.
  • You took the words right out of my database: is there first amendment protection for media outlets publishing business data stolen by hackers
    Cole, S.C.
  • A framework for homomorphic, private information retrieval protocols in the cloud
    Fahsi, M.; Benslimane, S.M.; Rahmani, A.
  • Marriott data breach FAQ: how did it happen and what was the impact?
    Fruhlinger, J.
  • The effect of data breaches on shareholder wealth
    Gatzlaff, K.M.; McCullough, K.A.
  • The role of corporate reputation and crisis response strategies in data breach management
    Gwebu, K.L.; Wang, J.; Wang, L.
  • Notification letter
    Hoffman, C.
  • Risk management, firm reputation, and the impact of successful cyberattacks on target firms
    Kamiya, S.; Kang, J.K.; Kim, J.; Milidonis, A.; Stulz, R.M.
  • Ransomware: how Consumers and businesses value their data
    Kessem, L.
  • Hotel information technology security: do hoteliers understand the risks?
    Kim, J.S.; Farrish, J.; Schrier, T.
  • Impact of hotel information security on system reliability
    Kim, H.; Lee, D.; Ham, S.
  • Is the future of hotel property management systems in the cloud?
    Minett, D.
  • Online consumer privacy: an analysis of hotel company behavior
    O’Connor, P.
  • Do data breach disclosure laws reduce identity theft?
    Romanosky, S.; Telang, R.; Acquisti, A.
  • Risky business: fine-grained data breach prediction using business profiles
    Sarabi, A.; Naghizadeh, P.; Liu, Y.; Liu, M.
  • Estimating the contextual risk of the data breach: an empirical approach
    Sen, R.; Borle, S.
  • Hotels face increasing risk of a security breach by cyber hackers
    Sperance, C.; Schaal, D.
  • VERIS community database
  • Cyber attacks on US companies since November 2014
    Walter, R.
  • The impact of information security events on the stock value of firms: the effect of contingency factors
    Yayla, A.; Hu, Q.