VikingCloud has officially published the results from its latest report, which digs into hospitality industry’s rising cybersecurity concerns.
Going by the available details, 66% of hotel IT and security executives expect a rise in attack frequency, whereas on the other hand, 50% expect an increase in severity of these attacks during the summer 2025 travel season.
More on the same would reveal how 48% of hotel IT and security executives aren’t confident in their staff’s ability to reliably identify and respond to sophisticated AI-driven cyberattacks and deepfakes. On the other hand, a contingent of 22% respondents also admitted cybercriminals outpace their teams.
Markedly enough, this comes after the year 2024 saw 82% of North American hotels getting hit by a successful cyberattack, with 58% of hotels even targeted by five or more attacks.
Anyway, guest-facing technology was also found to be the most vulnerable to attacks, including payment systems and point-of-sale (POS) technology (72%), guest Wi-Fi (56%), and front desk systems (34%). As for the top attack methods that could impact hotel operations this summer, they included data breaches exposing payment details, passports, loyalty accounts, or other sensitive guest PII (46%), phishing attacks (40%), and guest Wi-Fi network compromise or misuse (38%).
“Peak travel season is here, and it’s also the busy season for cybercriminals,” said Kevin Pierce, Chief Product Officer at VikingCloud. “Hotels are a prime target given the surge in guest transactions, reliance on interconnected systems, and vast amounts of sensitive data. Last summer, 44% of hotels experienced more than 12 hours of downtime due to an attack. The financial and reputational impact from downtime can last long after summer ends, which makes understanding your cyber vulnerabilities and closing preparedness gaps essential.”
Talk about the given report on a slightly deeper level, we begin from how 34% respondents reported worries regarding POS system attacks disrupting in-person transactions, and 32% said a significant increase in credit card transactions will increase their cybersecurity risk during the busy travel season.
Next up, reputational damage from negative reviews (66%), financial losses (46%), lawsuits (42%), lower occupancy (32%), and higher insurance premiums (30%) were cited as the most likely business impacts. An estimated 12% also said any such attack could very well lead to hotel closure.
Another detail worth a mention relates to how 42% of hotel IT and security executives report weaknesses across third-party systems like payment processors and booking platforms increase their cybersecurity risk this summer, while 40% have a similar opinion for outdated technology.
Beyond that, VikingCloud’s research got to know that talent, skills, and training gaps greatly undermine hotels’ defenses. This was the case because nearly 26% reported limited in-house cybersecurity expertise, and 16% struggle to fill job vacancies. In case that wasn’t enough, temporary staff makes things dramatically worse, considering over 26% of respondents deem an influx of seasonal employees, unfamiliar with cyber policies and best practices, increases their risk quotient.
Among other things, it ought to be acknowledged that, despite 4 in 10 executives revealing about 16-25% of their total IT budget being devoted to cybersecurity, hotel defenses are struggling to keep pace with today’s threats.
You see, a larger chuck of hotels are investing in basic protections like next-gen antivirus, anti-malware, and anti-spam (72%), firewalls (70%), and VPNs (66%), but at the same time; fewer than half have deployed advanced defenses like vulnerability scanning, automated data backups, or integrated ransomware protection. In fact, adoption is even lower for dark web monitoring (26%) and penetration testing (28%).
Apart from this, 30% still don’t have plans to outsource to a managed security service provider (MSSP).
Founded in 2019, VikingCloud’s rise up the ranks stems from offering businesses a single, integrated solution to make informed, predictive, and cost-effective risk mitigation decisions. The company’s excellence can also be contextualized once you consider it currently employs over 1,000 dedicated cybersecurity and compliance expert advisors to serve 4+ million businesses, as well as analyze over 6+ billion online events every day.
“Cyberattacks can shutter hotel operations, erode guest confidence, and drain revenue during the busiest time of year. Going beyond the basics is critical to survival in today’s threat landscape,” said Pierce.
