Skip to main content

Home/ Hospitality Technology/ Group items tagged risk

Rss Feed Group items tagged

marble_bird

Conditions Associated with Increased Risk of Fraud A Model for Publicly Traded Restaura... - 0 views

shared by marble_bird on 12 Jul 20 - No Cached
  • Many restaurant industry examples provide evidence that as a firm’s internal control structure weakens and deficiencies are found, the opportunity for fraud increases significantly.
  • The main premise of the study tests the application of the fraud triangle framework constructs to publicly traded restaurant companies during the time period of 2002–2014, using proxy variables defined through literature. The proxy variables selected were company size, amount of debt, employee turnover, organizational structure, the Recession, inflation rate, interest rate, executive stock compensation, return on assets, and international sales growth.
  • growing pressures from both passive and active investors to constantly increase their stock value in a competitive world where meeting performance goals are necessary to maintain a competitive edge
  • ...69 more annotations...
  • To meet targets, it is typical for companies to put additional stresses on their internal control structures by reducing head counts, requiring employees to perform more than one job, and rearranging risk profiles
  • The deceptive and corrupt business practicesofthesecompaniesandothersresulted largely from a failure of corporate governance and lack of ethical business practices, in which internal control mechanisms were circumvented by conflicts of interest that enriched executives and damaged shareholders
  • Deficiencies are often observed through review of the main business cycles: revenue and receivables, purchasing and payables, treasury and stock, and financial reporting
  • Internal controls are often the first avenue of protection in safeguarding assets and thwarting and discovering errors and fraud
  • Some research has been conducted in this area, and findings suggest that companies in the telecommunications, technology, financial, and services industries experience the most difficulty with SarbanesOxley compliance efforts because of increased risk of fraud from industry and company risk factors
  • Therefore, pressure resulting from expectations of financial performance, opportunity to circumvent internal controls, and rationalization coupled with certain inherent industry factors may contribute to increased risk of fraud
  • opportunity to engage in unethical behavior may stem from the macro environment, the operational features, and the specific nature of the business cycles
  • Because of this potential for fraud on the company, shareholders, and the public, examining the conditions that may prompt fraud is necessary for the efficiency of the restaurant industry, and namely, for those passive and active investors that are relying on the financial statements to be true and accurate
  • the restaurant industry is often susceptible to deficiencies because of its inherent characteristics and high control risk
  • Corporate scandals, misappropriation of assets and financial statement misstatement are all very real threats to the restaurant industry.
  • the central focus of this study is to understand the factors that contribute to increased risk of fraud to determine why fraud may occur despite the imposed regulation of the Sarbanes-Oxley Act.
  • numerous researchers have found indication that executive stock option compensation provides encouragements for behavior that is fraudulent or corrupt
  • the study seeks to identify the factors that may provide the optimal criteria to engage in fraudulent or opportunistic behavior, using the incidence of a reported control deficiency as the measurable dependent variable.
  • The fraud triangle is the model that explains the factors that may cause an individual or a company to commit occupational fraud.
  • The differing classifications and definitions of pressure provide evidence that the construct is not directly observable; therefore, researchers in this field have measured the construct of pressure through proxy variables
  • consists of three constructs: pressure/motivation, opportunity, and rationalization. The three constructs offer an explanation as to why management commits fraud, and the dynamic relationship that underlies the acts of occupational fraud.
  • pressure may best be classified into four general types that may lead to fraud: financial stability, external pressure, manager’s personal financial situations, and meeting financial targets (
  • when considering measurements of external pressures relating to debt financing, the financial leverage ratio is the most common measurement of the amount of debt.
  • Both pressures and opportunities are often determined by factors that occur at both the individual and company level (
  • ROA, or asset composition, is an appropriate proxy measurement for the pressure of meeting financial targets.
  • according to the fraud triangle, it can be said that opportunity does not exist unless a pressure exists.
  • nonshareable problems could also motivate groups of individuals, representative of a company’s culture, to commit fraud.
  • Opportunity is described as an atmosphere or temporary environment that enables fraud to be committed, usually with a small perceived probability of being caught or reprimanded
  • In a study of Swedish restaurant companies, it is noted that competition is very high, often resulting in price wars among different companies that reduce prices and then try to compensate through increased sales
  • Some risk factors include the susceptibility of the industry to market changes as well as the nature of the industry, coupled with the specific operations of the company such as whether there are significant or complex international operations; how effective management is at monitoring activities within the organization; and the level of complexity that exists in the organization
  • This environment is therefore dependent on the discretionary income of consumers, and this increased pressure may lead to earnings mismanagement through overstatement.
  • Public companies in the restaurant industry are susceptible to opportunities for fraud on the basis of the aforementioned opportunities
  • The ability to commit fraud in the restaurant industry results from inside knowledge of processes and procedures, and the ability to circumvent controls through weaknesses (
  • strong evidence has also linked the CEO position to fraud when the CEO is also the Chairman of the Board. In incidences like this, the CEO is the dominate decision maker for an organization that may provide an increased opportunity for fraud.
  • The underlying reason for these three categories of increased opportunities for fraud is the state of the internal controls structure, and management’s commitment to strong corporate governance
  • Rationalization is essentially an attitude, belief, or position of the mind or ethical personality that enables an employee or group of employees of a company to intentionally misappropriate assets and then defend their dishonest activities
  • Weak corporate governance structures are often presented through ineffective monitoring of management.
  • A quantifiable means of capturing this could be through review of executive stock compensation measures.
  • excessive use of discretionary accruals may lead to poor audit opinions, providing a rationalized thought for business activities.
  • the nature of the restaurant industry is often described as a periodic, seasonal, and cyclic trade
  • Defining parameters for financial reporting can also have an effect on reducing the rationalized behavior and the opportunity to commit fraud
  • Because these conditions have an obvious effect on earnings and measures of success, this seasonal variability and volatility should be considered when analyzing pressures in the restaurant industry
  • For restaurant companies, this means that rationalizations and attitudes can be managed by assessing the internal control environment and understanding the pressures and opportunities that exist for employees.
  • Some restaurant industry pressures that may impact profitable sales growth include a lack of understanding of the consumer’s perception, including the relevance of existing brands, and delays in opening new restaurants. Likewise, an inability to consider cost pressures, including increasing fees for supplies, utilities, and health care providers contracted by restaurants, as well as an incapability of obtaining economies of scale in procurement, could compress margins and negatively impact sales and operations profit margin.
  • The value in the application of the fraud triangle to the restaurant industry provides an opportunity to extend theoretical contributions that originated from mainstream accounting to hospitality literature, which is severely lacking in the current literature
  • Likewise, restaurant companies that are smaller (and therefore may not have strong internal controls) with increasingly complex transactions create additional opportunities for fraud to be committed
  • competitiveness is a condition that makes meeting financial targets difficult and provides opportunity for fraudulent behavior. External pressure from analysts and investors may create an incentive to misappropriate assets, which, in turn, distorts common financial measures of success such as return on assets.
  • when debt financing exists, in order to address past and future obligations, and remain competitive, restaurant companies are at an increased risk of fraud especially when disruptions in financial and credit markets exist.
  • Studies have revealed that restaurant company victory and demise is eventually correlated to restaurant leadership abilities and intentions; therefore, it can be stated that executives and managers’ intentions are of utmost concern in understanding risk of fraud
  • firms with increasingly complex operations coupled with changes in organizational structure have less resources to put into internal controls and are therefore at an increased risk for accounting errors.
  • .Internationalgrowthissubjecttorisks such as international political and economic conditions, foreign currency fluctuations, and divergent cultures and consumer inclinations
  • This study will focus on the variables most pertinent to the restaurant industry on the basis of the inherent characteristics of U.S. publicly traded restaurant companies, as previously described in this section.
  • a s a result of workforce diversity and the presence of many perceived low-skilled workers. In addition, as companies within the industry respond to declining performance, publicly traded restaurant companies may be subject to activist investors who wish to see a change in the executive management team. If a shake-up such as this would occur, the organizational structure of the company may become unstable, resulting in much greater opportunities for fraud to occur at all levels.
  • this study looks to assess the relation between the amount of debt a company has occurred and the incidence of reported internal control deficiencies.
  • Variables relating to rationalization are present in the restaurant industry when considering the motivations and attitudes of management. It is noted that in difficult times, such as the Recession, aggressive financial reporting tactics may be used
  • this study seeks to understand the effect of substantial stock compensation on increased fraud risk.
  • this study also hypothesizes that poor ROA could increase the risk of fraud, as the pressure provides executive management with the motivation to manipulate earnings.
  • this study suggests that the organizational structure of the company may provide opportunity for increased fraud risk through a unitary tone at the top.
  • this study analysed the disclosures of publicly traded restaurant companies to determine whether a company has a higher probability of increased fraud risk on the basis of the presented variables.
  • The results of the applied probit model reveal for the entire population set of publicly traded restaurant companies that the macroeconomic factors of the Recession, interest rate, inflation rate and unemployment rate all have a significant impact on the increased risk of fraud, as evidenced through a reported internal control deficiency.
  • As noted in the overall model, the results reveal that the model as a whole is a significant fit to the data. Although the company-level variables were not significant in the overall model, external factors were each significant.
  • Therefore, it can be said that the results of this study empirically support the intuition that changes in macroeconomic conditions may impact increased risk of fraud for companies in the restaurant industry.
  • It can be said that there is a significant relation between increased risk of fraud and the macroeconomic factors of interest, inflation, and unemployment rates.
  • from a managerial perspective, the study provides evidence that macroeconomic conditions that might affect consumer demand may increase the risk of fraud for publicly traded restaurant companies.
  • In addition to the high costs of compliance, it is also important to recognize additional managerial characteristics that may heighten the effects of the macroeconomic conditions on increased fraud risk.
  • As indicated by the results of the study, however, many times executive management does not recognize the problems associated with the macroeconomic conditions because of systematic perceptual filters that play the crucial role in the functioning of the company.
  • By focusing on the changing macroeconomic conditions that may have an empirical effect on demand, executive leadership will be able to streamline processes to avoid incidences of reporting internal control deficiencies when exposed to the macroeconomic conditions.
  • In the restaurant industry in particular, information is also not readily quantifiable, which makes it even more difficult to transform into meaningful and timely information for executive management. Particular examples include consumer insights and how well new promotions are received and moved throughout the market.
  • it should be noted that reported internal control deficiencies are indicative of increased fraud risk, but not necessarily conclusive that fraud has occurred. Therefore, just because a company has reported a deficiency, it does not indicate fraud, necessarily.
  • According to the model, the managerial factors are only exacerbated by the presence of macroeconomic factors.
  • the identified conditions could help managers to improve internal control when a high risk factor is realized. The contribution of this study may allow restaurant companies to deter activities that may result in increased risk of fraud.
  • Because the study revealed that the macroeconomic conditions were significant for the entire population of restaurant companies, an area of future research might explore the relevance of the co alignment model (Olsen &R o p e r , 1998) to strategic management decisions to reduce the risk of fraud.
  • for purposes of this study, privately traded companies are excluded. This is a limitation of the study because the results may indicate a problem that is more or less pervasive since the sample is representative of a small number of companies in the United States.
  • the model is limited in application because it does not take into account fluctuations among the variables over time.
  •  
    This article covers the methodology and findings of a study conducted to examine the factors contributing to fraud risk in publicly traded restaurants. The article discusses factors in the fraud triangle, macroeconomic factors, and internal company factors that may contribute to fraud despite protections implemented per Sarbanes-Oxley. The study ultimately finds that internal company factors are insignificant when considering the impact on fraud risk, while macroeconomic factors, such as inflation or unemployment, drastically impact the level of fraud risk that a company may face.
alexsolano36

Why Cybersecurity Isn't Only a Tech Problem - 0 views

  • By now, most accept that they need to invest significant cash and resources into cybersecurity capabilities
  • ather than the full C-suite and board.
  • we’re failing at cybersecurity
  • ...27 more annotations...
  • today as comparable to trench warfare in World War I.
  • First, no company has all of the resources to fix every cybersecurity issue, and not all fixes are equally important.
  • starting with a company’s most critical business activities and how cyber attacks could disrupt them that one can start to prioritize this whole process of risk mitigation.
  • skip the ste
  • focusing on individual technologies t
  • without ever addressing the fundamental issue, which is protecting the business activities for which the computers were procured.
  • hey translate in their minds being compliant with requirements as equivalent to being adequately protected.
  • nds up actually diminishing the security of these companies, as opposed to achieving its goal of increasing protection.
  • cybersecurity has been, it’s come out of the technology department.
  • versus one that’s related to any other complex business risk that a company might face.
  • eally large cybersecurity budgets, don’t nearly get the cyber protection benefit that they should, given the dollars that they spend.
  • with r
  • $3 million a year on cyber threat intelligence.
  • And that really starts with looking at cyber risks as a business risk that could come and occur as a result of a cyber attack.
  • to help quantify what those risks are, and bringing an IT department and your cybersecurity resources to understand what the threat environment might by that might affect those risks in some way or make them to come about.
  • this perception on the part of non-technical business leaders that the cybersecurity field is so complex, so impenetrable that they would never be able to understand
  • And so, the cybersecurity team decided to put the network used for the development of new automobiles inside their corporate network, because they thought, ah, at attacker would need to go through two networks in order to be able to then steal information.
  • cybersecurity people had no idea how the companies that they worked for actually design cars, and so they proposed security mechanisms that both interfered with work and ended up resulting in the company being more vulnerable because all of these outsiders now had complete access to the corporate intranet globally.
  • You know, we’ve found that cybersecurity writ large is full of platitudes that seem obvious and compelling at first read, but if you think about them more thoughtfully, they’re sometimes misinformed.
  • , informing employees about the cybersecurity implications of their own work
  • but also who your adversaries are. H
  • Another avenue that companies can take is, is there anything about the business that the company is in, the way in which it operates, that might attract some sort of attacker.
  • In all areas of risk, whether it be financial risk, physical risk, or cyberrisk, there are no guarantees that what you do will be sufficient to fend off the attack that you actually face.
  • , you need to have cybersecurity reviews as you change your business, just like you look at other risks when you’re making changes to your business.
  • Based on our experience, when a company is looking for a home for the cybersecurity organization, they should first look at where their most significant cyber risks reside.
  • A company needs to have the technical capabilities to respond to the most likely forms of cyber attack on their most critical business activities.
  • instead of telling me what vulnerabilities need to be fixed with whatever priority
  •  
    This article talks about how companies make the grave mistake of thinking that cybersecurity is merely an issue that should be addressed by an IT team and that no one else is responsible for addressing risks and understanding them. Most C-suite employees don't understand what the risks are, and usually these risks vary from company to company. It is not that you should only consider that you can get hacked, but you should consider and identify what kinds of information can get hacked and why. The article denotes an example of an Asian automobile company that needed to implement a new system to mitigate security risks and in the process, ended up locking up other companies who needed to use their systems to find out about their products. So those companies started to create fake profiles to try and access the information -- all so that they could just do their job. This showed that people are more interested in just getting their job done than understanding cybersecurity and why certain systems are in place. The way of thinking up security systems should be creative and involve all parts of an organization. Departments won't know what their role is until they identify what information is important to them, what their purpose is in the company, and what is valuable to them. By identifying this, they can come up with ways to secure this information and monitor its delivery. Businesses don't look at cybersecurity as a risk of their business just as a shipping company would look at weather risks as a potential threat to their revenue. It is looked at as more of an abstract concept and this stops people from implementing successful strategies to keep their information safe. Cybersecurity shouldn't be viewed as "so impenetrable" that no one would ever understand it. This requires everyone to get involved and understand the implications of cybersecurity on their own work, specifically, and identify who their main adversaries may be.
apate114

Top 5 risks and security challenges for hotels in 2015 - eHotelier - 0 views

  • 1. Identity theft leading to credit card fraud
  • Identity theft and credit card fraud is the new form of pick pocketing, but on a much larger scale. The number of compromised credit cards is expected to increase this year.
  • 2. Silent invasions
  • ...11 more annotations...
  • 3. Longer or no security audit cycles
  • APTS are considered the most dangerous type of cyber-attack as they simply bypass the defenses that are in place.
  • Cyber-crime shows up on the security radar as the second highest risk the hotel industry is exposed to.
  • The gap between the low number of qualified security auditors worldwide and new hotels built is getting bigger and bigger.
  • Nearly 1.26 million hotels worldwide are dealing with all sorts of safety & security issues.
  • 4. Physical crime will remain an issue for hotels
  • Physical crime ranges from professional burglaries using nifty social engineering techniques to temporary drug laps in hotel rooms.
  • Holdups at night involving firearms have increased since hotels are easily accessible and less protected compared to other industries operating at night.
  • 5. Loss of competitive advantage after a major security incident
  • The recovery costs after a security incident, including the attention of the media, are often much higher than the investment in security and risk management.
  • Reputation is a vital yet fragile advantage that requires its very own security plan in a strong competitive market where guests nowadays love to make their booking decisions with the help of online travel review sites such as Tripadvisor & Co.
  •  
    The article highlights the top five risks and security challenges in the hospitality industry. The following are the top five security risks according to the article. 1. Identity theft leading to credit card fraud - compared to other industries, the hotel industry is at more risk for credit card fraud and identity theft. This is because hotels are highly targeted by hackers. Hotel properties for the most part have credit card information for each and every guest that has stayed at a specific property. Hotels must be ahead of the technology curve when it comes to security however this is not always the case. 2. Silent invasions - This consists of all the cyber attacks that can affect a business by infecting the network. As discussed during the first module, hotels run majority if not all of their business using technology. If a hotel were to have their networks hacked it would leave them in a very bad situation. Since hotels operate their entire business using technology and multiple different systems, they would not be able to operate if they experienced a network breach. 3. Longer or no security audit cycles - Most branded hotels are required by the franchise to have consistent security audits done for each property. Independent hotels are deemed greater at risk for a security attack because they are not mandated to have security audits. These hotels sometimes skip audit cycles to save money. 4. Physical crime - This ranges from professional robberies to drug laps in hotel rooms. Hotels are at risk for armed robbery due to to lower chance of security compared to other industries that operate overnight. 5. Reputation risk - Hotels that experience a security breach almost always will see some sort of loss in competitive advantage. Nowadays with social media and the news travelers are more aware with what is going on and they would be more inclined to book their reservation somewhere else if they heard of the property having a security breach.
jessielee214

How to manage risks in tourism? | CBI - Centre for the Promotion of Imports from develo... - 0 views

  • 1. What is risk management?
  • Risk management is a planned process through which organisations manage active crises.
  • A crisis is defined as a time of difficulty or danger and is usually a time when difficult or challenging decisions must be made.
  • ...29 more annotations...
  • 2. Before a crisis: Have a Risk Management Process in place
  • A Risk Management Process aims to reduce the uncertainties of actions taken during a crisis. It is important to have this is place in advance, so that your organisation is well prepared for unexpected events that may happen in future.
  • Establish the context
  • Identify the risks
  • Know who your stakeholders are
  • Analyse and evaluate risks
  • Analysing risks involves determining the likelihood of a crisis occurring and their possible consequences, from insignificant up to catastrophic. Understanding which possible crisis would have the most negative impact will enable you to decide on the priority course of action.
  • Treat risks
  • Communicate and Consult
  • Being visible and keeping in touch with your stakeholders is one of the most important factors of risk management, and it must be done on a continuous basis in all stages, before, during and after a crisis.
  • No two crises are the same, and some destinations will be more susceptible to particular crises than others. You should carry out a risk analysis, drawing up a list of crises that might happen based on those that have occurred in your region/country in the past and may happen again.
  • ou should revisit your website regularly and publish the most recent information about the impact a crisis is having on your destination/region.
  • Use your website and social media to keep in touch
  • Draw up a list of your stakeholders to get a clear overview, so you can ensure they are included in all correspondence you issue.
  • It is really important to date your website communications, so that users can be sure they are receiving the most up-to-date information.
  • Monitor and review
  • Crises are often fast-moving; situations tend to be highly changeable and can be volatile. This means that current processes, plans or procedures that you have in place to deal with a crisis should be regularly reviewed and updated. Your plan should be flexible and dynamic, so that you can adapt easily to the changing situation when a crisis happens.
  • Training and testing
  • Once you have formulated your Risk Management Plan, you must train your staff and test the plan.
  • 3. During the crisis: Follow these four steps
  • Once a company is in the middle of a crisis, the first thing to do is to understand the situation as best you can and understand the impact it can have on your organisation. This is a continual process as one of the characteristics of a crisis is that it’s always changing, and the effects on your business will also constantly shift.
  • 1. Mitigation
  • Mitigation refers to the initial actions that the company that is directly in the face of the crisis or emergency needs to carry out. These are the first steps that need to be taken to protect the ones in the immediate line of fire – teams, customers, suppliers, industry partners and finances.
  • 2. Preparedness
  • he mitigation stage of the crisis management could be a very short process or a long, drawn-out process, depending on the immediate effect of the crisis on your business. At the same time, the process to start preparing the business for this particular crisis can be key to the next stages of Response and Recovery.
  • 3. Response
  • The majority of crisis management lies in the response to the crisis. All the preparation you have already done to protect the company and its assets will help you in the response stage.
  • 4. Recovery
  • It is difficult to know when the Response phase becomes the Recovery phase. However, it is clear that, while you are on the road to Recovery, you should to continue to follow the steps you established in the Emergency Response Plan. As in the previous steps, you should be continuously refining and updating the plan, based on the current situation. Flexibility during the Recovery phase continues to be important. Your organisation may look different following all the changes you may have made as a result of the crisis, and your markets may also have changed.
  •  
    This article uses diagrams and gives the step to let us know the processing of managing the risk. Also, it teaches a four-step process- Mitigation, Preparedness, Response, and Recovery to address a crisis successfully.
anonymous

Cybersecurity: A Hospitality Industry Reality - AETHOS Consulting Group - 0 views

  • Cyber thieves are crafty and persistent in finding ways to breach security to gain access to personal information. The hospitality industry, hoteliers, restaurants and other such businesses that rely on the use of personal information to provide service to their customers are particularly at risk.
  • Initial steps in the risk-management process Hospitality companies should first focus on developing a robust internal risk-management program, including the establishment of strong policies and procedures; training and insurance can reduce the chances of a data breach and mitigate the damages if a breach occurs.
  • In general, an organization should review the following areas to begin developing a well-rounded risk-management program: Corporate security policy Asset classification and control Personnel security Computer-network and management protocols for vulnerability System access controls Privacy and regulatory compliance
  • ...10 more annotations...
  • Then, ask yourself, “What does our company have in place to mitigate our exposures?”
  • Do we have an effective privacy policy?
  • Do we have an effective privacy-breach response plan?
  • Do we continuously test our disaster-response and business-continuity plans?
  • Franchise concerns
  • Franchise agreements should address several important data-security concerns, cyber-insurance, breach notification and PCI (payment card industry) compliance.
  • Franchise agreements should require franchisees to purchase a specified amount of cyber insurance coverage in the event of a data breach.
  • In addition, the franchisee should be required to promptly notify the franchisor of all breaches in security and immediately notify the franchisor of all breaches of sensitive information.
  • The franchisor may also want to consider being notified of any impermissible uses or disclosures
  • Cyber attack realities The ramifications of a cyber breach could be both financially and operationally catastrophic to any hospitality company. Losses could include costs associated with litigation expenses and fines as well as defense. The cost of business interruption and loss of income could be debilitating.
  •  
    This is an article providing a very high-level introduction to the potential risks faced by the hotel industry from cybersecurity. It outlines some initial steps that hotel companies might consider in their risk-management process and also gives some very specific examples of risk related to franchise contracts.
emilywest5

Big data and analytics in tourism and hospitality: opportunities and risks - ProQuest - 0 views

  • The purpose of this paper is to examine and provide insights into one of the most influential technologies impacting the tourism and hospitality industry over the next five years, i.e. big data and analytics. It reflects on both opportunities and risks that such technological advances create for both consumers and tourism organisations, highlighting the importance of data governance and processes for effective and ethical data management in both tourism and hospitality
  • This paper identifies and examines key opportunities and risks posed by the rising technological trend of big data and analytics in tourism and hospitality. While big data is generally regarded as beneficial to tourism and hospitality organisations, there are extensively held ethical, privacy and security concerns about it. Therefore, the paper is making the case for more research on data governance and data ethics in tourism and hospitality and posits that to successfully use data for competitive advantage, tourism and hospitality organisations need to solely expand compliance-based data governance frameworks to frameworks that include more effective privacy and ethics data solutions.
  • Technology (and its rapid development) is one of the key megatrends and driving forces that are seen to shape the future of tourism (Yeoman, 2012, 2018; Yeoman and McMahon-Beattie, 2018) via changes that will impact the way tourism and hospitality providers interact with travellers.
  • ...15 more annotations...
  • A recent business report on key megatrends and market disruptors suggests that technology and new ways of engaging and interacting with customers are fuelling the rate of disruption as currently businesses are able to reach new customers in new ways and can reinvent customer engagement around service and convenience (Boumphrey, 2019).
  • One of the most important uses of data is to improve personalisation, travel companies using the information they gather to make specific adjustments to their offerings.
  • Currently, considerable amount of structured and unstructured data are produced globally (Nunan and Di Domenico, 2013; Verdino, 2013), a so-called “digital exhaust” (Wang, 2013; Barocas and Nissenbaum, 2014) that is passively generated by users of products and services using mobile devices (Shilton, 2009), an abundance of publicly available data shared on social networking platforms (Nov et al., 2010) and customer data and information purposely collected by tourism organisations’ booking systems or customer relations management (CRM) systems
  • This abundance of data and the act of processing data on a large scale has led to the concept of “Big Data,” which Mayer-Schönberger and Cukier (2013) define as “things one can do at a large scale that cannot be done at a smaller one, to extract new insights or create new forms of value, in ways that change markets, organisations, the relationship between citizens and governments, and more” (p. 6
  • ndeed, one of the latest Euromonitor International travel industry reports confirms that big data and analytics is expected to be the most influential technology impacting the industry in the next five years (Bremmer, 2019), followed by artificial intelligence and the Internet of Things.
  • The use of data is viewed as a disruptive innovation in the tourism and hospitality industry, although it allows organisations in the industry to facilitate personalisation, offer convenience, save costs and overall gain competitive advantage (Evans, 2020).
  • Not surprisingly, privacy is now the top data issue and concern for organisations
  • In particular, in the tourism and hospitality sector, the effective use of big data is associated with revenue management (e.g. using and combining internal data, such as occupancy rates and current bookings, with external data such as information about local events, school holidays and flight information to forecast demand and maximise revenues); market research and strategic marketing purposes (e.g. identifying customer trends to best cater marketing opportunities); customer experience and reputation management (e.g. social media conversations and online reviews, service usage data and internal feedback via customer surveys). A good example of an organisation that successfully uses big data to gain competitive advantage is AirBnB (Evans, 2020; Guttentag, 2019).
  • These concerns have been intensified by recent global cyber-attacks and more specifically by significant data breaches in a wide range of industries and sectors, including the tourism and hospitality industry (Armerding, 2018; PwC, 2016, 2017). The hospitality industry is now in the media spotlight because of high profile breaches (PwC, 2016, 2017).
  • One of the biggest data breaches of the 21st century has affected one of the largest hospitality companies, Marriott International. Starting in 2014, the data breach occurred on systems supporting Starwood hotel brands, which were acquired by Marriott in 2016 and affected ∼500 million customers worldwide, with the breach only being discovered in September 2018. Data and information on names, contact information, passport numbers, travel information and other personal information were compromised, and information on credit card numbers and expiration dates of more than 100 million customers was stolen (Armerding, 2018).
  • Indeed, the 2018 Global State of Enterprise Analytics survey found that globally 49 per cent of companies surveyed believed that the primary challenges organisations most commonly face are data privacy and security concerns (MicroStrategy, 2018). Similarly, another recent industry report shows that over 40 per cent of tourism industry professionals claimed that data privacy and cybersecurity are one of the most influential factors impacting digital commerce in this sector (Bremmer, 2019).
  • These technological advances provide significant opportunities for businesses to harness the wealth of data to support their activities and gain competitive advantage. The efficient uses of data and analytics drive process and cost efficiencies and strategy and change (MicroStrategy, 2018).
  • When selecting analytics solutions, tourism and hospitality organisations are required to address the growing concerns around privacy and security of customer data by putting in place well-designed data governance frameworks capable of providing quality data and be able to provide effective frameworks of data security and protection for all stakeholders
  • Potential frameworks for ethical data management and digital privacy specific to tourism and hospitality would need to identify, in addition to the protections afforded under the recent General Data Protection Regulation (GDPR) (ICO, 2018), how data is collected, what it is used for and who has access to it and why
  • Big data and analytics are playing a crucial role in digital transformation efforts of organisations in general and in the tourism and hospitality industry, thus driving greater effectiveness and efficiency and the strategy to define new business models and bring about successful change (Evans, 2020; MicroStrategy, 2018)
  •  
    This was about the risks in the hospitality and tourism industry when it comes to big data and analytics. Big data is so important in the hospitality industry because it's how companies know who to cater to and with what and how. In addition to the importance of big data, there are risks that come with it. A few risks are data leaks, hackers, etc. Companies invest money in their systems so these things are avoided.
espence13

Marriott Hotels: Series Of Data Breaches Reveals Lack Of Security Awareness - 0 views

  • The data breach hitting Marriott Hotels Group was huge. The joint-second largest to have ever taken place, in fact, after Yahoo’s disastrous 2013 breach (and on par with Yahoo’s 2014 breach). While the amount of data that was taken from Starwood Hotels’ reservation systems (a company acquired by Marriott in 2016) was vast, what’s most staggering is the fact the breach went undetected for four years, and an acquisition also took place but the alarm still wasn’t raised. Since news originally broke of the release, it’s also been revealed that the hotel group’s own security team was hit by an attack in June 2017. Clearly something has gone amiss.
  • The issue is compounded by the fact that security is still not high enough up the list of priorities for business leaders. Despite well-known organizations frequently hitting the headlines for data breaches (in 2018 alone we’ve had Ticketmaster, Quora, British Airways, Under Armour and plenty more) and a ‘when not if’ warning  being peddled by the security industry for years, many businesses still haven't got to grips with just how critical proper security is. The fact that reviewing security may not have been part of the acquisition process of Starwood by Marriott – and if it was, not well enough – is further evidence of this apparent blindness to the impact of poor security. So, what’s going wrong? A research report from security company Bromium earlier this year suggested that the average large enterprise spends $16.7 million per annum on security, with the vast majority found to be on ‘the human cost of maintaining cyber security systems’. While most firms clearly aren’t 2,000 people sized enterprises, the research provides a good indication that spending on security isn’t the issue. Instead, it’s people.
  • We need to look at different approaches to skills development and, in many ways, imitate cyber criminals themselves who are continually iterating ideas to solve problems, rewarding perseverance and curiosity as well as encouraging further development. The ‘white hats’ need to approach their roles the same way – not rely on what they heard in a classroom six months previously.
  •  
    The recent cyberattack at Marriott International Inc. has many hoteliers wondering what are the legal and business risks associated with security attacks? The recent breach at Marriott further proves the point that businesses should prepare now or be willing to pay for it later. In November 2018, the Bethesda, MD-based hotel company revealed there had been unauthorized access to the Starwood guest reservation database, which contained guest information relating to reservations at Starwood properties on or before Sept. 10, 2018. Businesses face a multitude of risk when looking at the potential consequences resulting from a cyberattack or breach. As we've seen recently with the Marriott breach, there can be significant impact to brand equity in the marketplace. This impact can be far reaching for publicly traded businesses, resulting in material impacts to businesses and business valuation, and long-term impact to user adoption. In addition to the downside risk from the market, businesses must also mount expensive defenses against litigation that increasingly takes the form of class actions. Reputation is important in every trade but is especially important in the hospitality industry. This, coupled with the fact that consumers are becoming more sensitive to privacy and security related issues, means that businesses in the hospitality industry must manage against these types of risk and allocate appropriate levels of funding toward information security. What should hoteliers learn from the Marriott breach? Pay attention. Marriott was aware that there was a potential issue shortly after it acquired Starwood, but did not, apparently, investigate in detail. Marriott may not have created the problem, but it bought the problem and didn't treat it with the seriousness that was necessary.
armanyleblanc767

Data Security in Hospitality: Risks and Best Practices - 0 views

  • Best practices for companies in the hospitality sector to protect data include:
  • Always encrypt payment card information. Operate a continuous training program in cybersecurity to maintain a well-trained workforce. Always adhere to relevant regulations, such as PCI DSS. Use cybersecurity measures such as firewalls, network monitoring, anti-malware, and traffic filtering to protect against common threats. Conduct tests against your organization’s cybersecurity defenses in which you mirror the behavior of an actual hacker. Know where your data is and enforce the principle of least privileges to limit access to sensitive information.
  • From the perspective of cybercriminals, hospitality appears to offer an ideal target vector for conducting crimes such as identity theft and credit card fraud due to the existence of multiple databases and devices containing both Payment Card Information (PCI) and Personally Identifiable Information (PII).
  • ...23 more annotations...
  • five of the biggest data security concerns in the hospitality industry and highlights some best practices for protecting hospitality data.
  • Data Security Concerns in Hospitality
  • complex ownership structures
  • groups may use different computer systems to store information, and the information can also frequently move across those systems.
  • Reliance on Paying By Card
  • t was reported in 2017 that out of 21 of the most high-profile hotel company data breaches that have occurred since 2010, 20 of them were a result of malware affecting POS systems.
  • can go unnoticed for months.
  • High Staff Turnover
  • In the U.K., for example, the job turnover rate in hospitality is as high as 90 percent.
  • challenge to maintain teams of well-trained staff.
  • Compliance
  • Insider Threats
  • t involves employees selling data to third parties without the knowledge of the organization that employs them.
  • Hotels, motels, resorts, and rented apartment complexes all gather and electronically store a range of sensitive personal guest data, such as names, phone numbers, addresses, and credit card details.
  • A case in point was the Wyndham Worldwide breaches of 2008 and 2010. Hackers gained access to the systems of an individual operating company through easily guessed passwords, and the attack easily proliferated through the entire corporate network, with the result that 619,000 customers had their information compromised.
  • Each of these groups may use different computer systems to store information, and the information can also frequently move across those systems.
  • ospitality appears to offer an ideal target vector for conducting crimes such as identity theft and credit card fraud due to the existence of multiple databases and devices containing both Payment Card Information (PCI) and Personally Identifiable Information (PII).
  • ybercriminals use this reliance on cards to infect point-of-sale (POS) systems with malware that steals credit and debit card information by scraping the data
  • The high level of turnover and high degree of staff movement between different locations makes it a real challenge to maintain teams of well-trained staff
  • While GDPR protects individual data within the EU and EEA, its ramifications have rippled through industries globally, and organizations are realizing the need to put greater compliance measures in place. PCI DSS is another important global regulation that protects credit card data, and fines for non-compliance begin at $500,000 per incident. The risk here is not just to data security but to the future survivability of hospitality companies, many of which would not be able to absorb the s
  • This type of data risk is more subtle and it involves employees selling data to third parties without the knowledge of the organization that employs them
  • Always encrypt payment ca
  • rd information. Operate a continuous training program in cybersecurity to maintain a well-trained workforce. Always adhere to relevant regulations, such as PCI DSS. Use cybersecurity measures such as firewalls, network monitoring, anti-malware, and traffic filtering to protect against common threats. Conduct tests against your organization’s cybersecurity defenses in which you mirror the behavior of an actual hacker. Know where your data is and enforce the principle of least privileges to limit access to sensitive information.
  •  
    This article highlights several important security issues in the hospitality industry, followed by the practice of protecting data from loss. The data structure of the hotel industry is complex, customers mainly use bank cards to pay, and the staff turnover rate is high. There are certain internal threats. In order to solve these problems and avoid data loss, it is not enough to strengthen network security. It is also important that employees are trained and familiar with and comply with relevant regulations.
  • ...3 more comments...
  •  
    Data security is a major issue in the hospitality industry. A lot of personal information is stored on the computers specifically credit card information of the guests staying at the hotel. It is the responsibility of the hotel to ensure that the data is protected. High turnover rate in the industry can make this an even bigger challenge. Ensuring that your staff is properly trained to ensure the highest level of security is maintained is highly important.
  •  
    This article speaks about the data security concerns in hospitality. Restaurants, hotels, and other companies in the hospitality sector often have complex ownership structures in which there's a franchisor and a management company that acts as the operator. Businesses use different computer systems to store information. The nature of the hospitality industry is such that it is extremely reliant on cards as a form of payment. Cybercriminals use this reliance on cards to infect point-of-sale (POS) systems with malware that steals credit and debit card information by scraping the data. A vital part of protecting data is training staff to securely gather and store personal information. Well-trained staff also know how to recognize social engineering attempts and they understand an organization's compliance requirements. Data security risks in the hospitality industry extend far beyond the reputation hit that a hotel can take if guests' data is compromised. Industry and political regulators are becoming stricter in governing how organizations process and store personal data. Some of the best practices for companies in the hospitality industry to use are: always encrypt payment card info, operate training programs in cybersecurity regularly to keep everyone informed, adhere to regulations, know where the data is, and enforce limit access to sensitive info, and more.
  •  
    This article explains how data security is at an all time high in the hospitality industry. Focuses on the 5 security concerns and what are some practices that leadership can help employees detect when someone is trying to hack into sensitive information. Also, making sure employees are in compliance with company policy when leaving the company if they have access to sensitive data and making sure employees are not using to their advantage when leaving the company.
  •  
    Hospitality offers an ideal target vector for conducting Cyber crimes such as identity theft and credit card fraud due to the existence of multiple databases and devices containing both Payment Card Information (PCI) and Personally Identifiable Information (PII). Restaurants, hotels, and other companies in the hospitality sector often have complex ownership structures with an individual owner or group of owners, and a management company that acts as the operator. Each of these groups may use different computer systems to store information, and the information can also frequently move across those systems.
  •  
    In this article, we learn about the top five data security risks as well as best practices to help prevent data breaches. According to the article, the hospitality industry is a prime target since it stores a vast amount of sensitive guest information like names, phone numbers, addresses, and credit card numbers. Some of the five risks included complex ownership structures, reliance on paying by card, and insider threats to name a few. In order to avoid these threats, the article suggest that companies become PCI compliant, use cybersecurity measures like firewalls, and know where exactly their data is stored.
pjohn091

Hospitality security adjusts to COVID-19 constraints | 2021-02-08 | Security Magazine - 0 views

  • While COVID-19 has slowed the hospitality industry, security plays a more pivotal role than ever and the ongoing pandemic is challenging security professionals to adjust and adapt to new rules and procedures.
  • “The things people do in hotel rooms are things they would never do at home: prostitution, drug abuse. Suicide is huge, people kill themselves in hotel rooms because they don’t want to do it at home,”
  • The hotel industry came to a halt in the early months of the COVID-19 pandemic and things are only slowly starting to pick back up. Yet the burden on security is no less than it was before, and in many ways, the job has gotten harder.
  • ...12 more annotations...
  • Occupancy levels dropped 90% for several months and have only recently returned to a consistent 40%, with many hotels still closed,
  • “Despite the low occupancy levels, we continue to have a significant number of incidents resulting in a much higher incident-to-occupied-room ratio than we have historically seen. We have seen a dramatic increase in heart attacks and suicides over the past few months, and continue to have increased numbers of fraud and guest-on-guest type incidents.”
  • Even as the need for security persists, many hospitality chains have pared back their security budgets.
  • Eventually COVID-19 will recede, but new risk categories will likely continue to unfold in hospitality. Security professionals can help to steer a course by reminding upper management that risk is more than just a monetary calculation.
  • Under these emerging policies, security is striving to put more active eyes on guest rooms — right at a time when COVID-related staff reductions are making it harder for security even to sustain normal operations.
  • Even if there’s only one person working the front desk, “they still need to be making the rounds,” Perman says. “They need to be knocking on doors and making contact, making conversation. You need them to keep up that level of human intervention.”
  • “A passive infrared detector can also be used to detect temperature in human beings, so a video camera that is infrared capable can detect fever in a human, and that is being done in a lot of places,”
  • Through COVID-19, though, technology can be a double-edged sword. For example, some hotels have turned to mobile-phone-based check-in to provide a touchless experience. “From a security perspective there are unintended consequences there,” Danson says. “Now you never have to go to the front desk, you never have to encounter a person.”
  • In some cases, entire corporate departments are being eliminated, so there is no centralized security department. There is no one providing corporate guidance, no one providing policies and procedures.”
  • With the onset of COVID-19, things have gotten even more challenging, as hotel security is increasingly tasked to do more with less. 
  • Even in this strained environment, other common risks persist in the hospitality world. Prostitution is a perennially complex issue for hotel security, for example, while human trafficking is an increasing area of concern.
  • When allocating resources in support of operational safety and security, “the chief of security needs to be informing corporate leadership of the potential risks, so that it becomes a risk-based decision and not just a budget decision,” Slotnick says. “Security has to make the case for risk, whether it’s a risk to brand reputation or other forms of risk.”
  •  
    This article goes into great detail about how Covid-19 is affecting hotel security. With budget cuts, security personnel are being limited, but the need for security is more important than ever. The article talks about how suicides in hotels are higher than ever as well, making it all the more important to have a solid security presence.
  •  
    In this article, it discusses the decline of the hotel industry following the COVID-19 pandemic, and how things have only slowly begun picking up again. However, the security burden is as great as it has ever been, and in many ways, it is even harder. Despite hotels closing their doors amid the pandemic, occupancy levels have only recently recovered to a consistently high 40%, with many still closed for months.
tvill22

Cybersecurity risks shaping hospitality in 2022 | Wipfli - 0 views

  • A breach could have enormous impact on consumer confidence and bookings. Hackers can takeover mechanical systems and shut down facilities.
  • The average cost of a data breach is $4 million on top of revenue losses due to long-term damage reputations.
  • Hotels also face risk from inaction; guests may perceive low-tech processes as a lack of amenities or as less safe.
  • ...8 more annotations...
  • Outsourcing can speed up development and deployment – but has huge security implications so vendor evaluations need to be thorough.  
  • Data compliance and cybersecurity training should occur annually, at least. “Secret shopper”-style testing can happen year-round.
  • For example, is the vendor in a secure financial situation? Does its geography or location create vulnerabilities? How does it secure its data and property?
  • Nearly 90% of hacking incidents involved some sort of credential abuse. Hotels can activate multifactor authentication to improve security instantly.
  • Create a standard interrogation procedure to evaluate and measure the stability of each potential partner and solution
  • Being prepared can minimize the impact of an attack or data breach.
  • As cyber threats increase, large groups and conventions may require cyber insurance as part of their booking contract.
  • A consistent and thorough evaluation process can lead hotels toward a solution that works for everyone – creating a secure and efficient work environment and a safe and inviting guest experience. 
  •  
    This article addresses the cybersecurity trends in hospitality for 2022. They talked about the risks for the hospitality industry and how much it can cost the company if there is a breach. It also talks about how bringing third party vendors in can be a risk to your company. It ends by talking about how to protect todays infrastructure by locking down logins, empowering staff, making a plan, and getting insured.
hui wang

The Disadvantages of a Point of Sale System | eHow.com - 0 views

  • It is a computerized system that links the cashier and customer to an entire network of information, handling transactions between the customer and store and maintaining updates on pricing and promotions. Although a point of sale system has many advantages
  • Cost of Web Access
  • Updates
  • ...1 more annotation...
  • Security Risks
  •  
    This article is about the disadvantages of the point of sales system, which is including the cost of web access, system updates, and the security risks. Firstly, the POS that allows the user to connect a single register to a larger network of information that would otherwise be unavailable or inconvenient to access, thus, some companies decide to go with a web-based system rather than a software-based system, which direct bring additional cost. What is more, if the companies decided to undertake the software-based point of sale system, they need to continue updating the system with new versions from the manufacturer or software company, which means addition cost/fee. Moreover, customers who use the debit cards with POS system, that will face the security risks problem, If the companies use the web-based system, the customer will under the security and privacy risks that come with doing business on the Internet.
Jia Kim

TSA Begins Security Check Long Before Your Flight -- Security Today - 0 views

  • According to TSA, their goal is to streamline security procedures to all passengers who pose no risk, so before you even arrive at the airport, it is likely that TSA is searching through government and private databases trying to locate information about you.
  • allows the government more authority to use traveler data for domestic airport screenings.
  • it is unknown exactly what information TSA is using to make risk assessments
  • ...1 more annotation...
  • identify low-risk travelers so that lighter screening can be done at airport security checkpoints
  •  
    This article is about how TSA begins to security check. The goal of TSA is to simplify security procedures to all low risk passengers, so it is likely to that TSA searches through database which is provided by government and others even before the passengers arrive at the airport. In order to do thorough security check, there should be more authority of the government. Actually TSA did not undisclose the information that are using to identify the low risk passengers. However, it can be predicted such as follows; Tax identification numbers, car registrations, employment information,past travel itineraries, property records, physical characteristics, law enforcement information and intelligence information.
danikafox

Information risk management solutions provider Paladion raises $10M more from Nadathur ... - 0 views

  • nformation risk management solutions and services provider Paladion has raised $10 million (just over Rs 60 crore) in fresh funding from Nadathur Holdings, an investment firm of Infosys co-founder NS Raghavan, and an early backer of the company.
  • he information security market is entering an exciting phase and we aim to bring a host of new offerings and value to the market,” said Rajat Mohanty, CEO, Paladion.
  • Paladion provides a spectrum of information risk management solutions
  • ...1 more annotation...
  • According to the company, it is one of the largest information risk management solutions and services providers in Asia with an annual revenue run rate of $35 million. With this capital infusion, Paladion also plans to consolidate its leadership position in Asian markets and pivot to a global canvas with security intelligence technology and cloud security services.
  •  
    Paladion, a cyber security intelligence platform, has been incredibly successful with its services. Its most recent success was its' raising of ten million dollars in fresh funding from its investment holders. This capital will be put towards advancing the security system, building a comprehensive cloud security services platform, and global expansion of multiple Security Operation Centers. The company already provides an array of information risk management solutions and services. And its industry expertise includes sectors like banking-finance-insurance, IT & consulting, R&D, and telecommunications. Paladion is on the track for prolonged success and will continue to grow as more advancements are made.
nbakir

Financial Statement Fraud Risk Escalates in Pandemic - CFO Journal. - WSJ - 1 views

  •  
    The article, "Financial Statement Fraud Risks Escalates in Pandemic" by Deloitte Editor focuses on the escalation of risk that is as a result of financial statements fraud. According to the report, the escalation is more persistent due to the COVID-19 pandemic. Fraud occasions consist of three elements, mainly related to pandemics. Pressure due to money shortfalls and other setbacks brought about by the pandemic insert some strains to the organizations that may cause some liquidity problems and significantly affect shareholders' expectations (Deloitte, 2020). Opportunity is also an element of fraud events. The situation of the pandemic may push some organizations to consider some staffing changes to counter the problems brought about by the pandemic. The third element is the rationalization. In times of a pandemic, some individuals or organizations tend not to separate acceptable from unacceptable behaviors. Others engage in manipulative actions in the name of the crisis, which they would otherwise not consider. The article explains that keen examination needs to be done during revenue recognition. Some organizations may fabricate or misstate their revenues to prove their perseverance during a challenging business environment. Another financial reporting risk lies in allowances and reserves. The author states that keen scrutiny needs to be done on the organization's reserve accounts since most of them are based on estimates and mere judgments. The management may be tempted to manipulate these reserves ways to favoring their bottom line. Valuation and impairments also form a financial reporting risk for examination. During turbulent times, organizations are tempted to give false valuations on their assets; hence keen examination would be needed. Additionally, restructuring charges brings a financial report risk in that some organizations may seek to write off their underperforming assets. In other cases, a business may include costs associated with the pandemic a
jordanskj

10 Ways to Reduce Cybersecurity Risk for Your Organization | UpGuard - 0 views

  • ‍Cybersecurity breaches have been on the rise, and it's expected that by 2023, they'll have grown to 15.4 million
  • Make sure all your sensitive data is encrypted
  • Saving your data in normal-text format only makes it easy for hackers to access
  • ...10 more annotations...
  • Some data encryption software even lets you know when other people try to alter or tamper with the information
  • You should also conduct regular backups for your important information
  • statistics show that over 3.4 billion phishing emails are sent globally
  • a hacker may send an email impersonating leaders in the organization asking for personal details
  • make sure you use a patch management system to automatically manage all updates and uphold information security
  • over 80% of organizational data breaches result from weak passwords
  • Chances are that your cyber security is highly dependent on third-party vendors, which is why you can’t afford to ignore vendor risk management
  • Conduct a security assessment and determine whether your critical infrastructure is safe from security breaches.
  • have your IT security teams analyze all server logs frequently and conduct cybersecurity framework audits to make sure their integrity is intact.
  • you should defend your networks from cyber attacks by installing firewalls
  •  
    In this article, the author discusses many different ways to help a business reduce their risk for cyber attacks. The article touches on a statistic about cybersecurity, stating "During the first half of 2021 alone, over 118 million people were impacted by data breaches". There is quick talk about how the policies that a business implements is the make or break of the cybersecurity for your business. For example, one of the main tips to reduce cyber attacks in your business is to make sure your data is encrypted. "Saving your data in normal-text format only makes it easy for hackers to access. Data encryption, on the other hand, limits data access to parties that have the encryption key". Another tip to prevent cyberattacks highlighted in the article is to keep all your employees educated and informed about malicious emails. Conducting regular employee trainings about the dangers of these types of emails could save your business. These types of emails are known to send links that could hack the system, as well as pretend to be higher-up employees in the company asking for personal data or financial information. The article is extremely educational to every business, as well as just the everyday consumer. Keeping your confidential information as confidential as physically possible is very much doable, as long as you make sure you follow these 10 simple tips.
Sungoo Kang

It's No Longer Just a Personal Threat: Businesses have Become the Newest Target for Ide... - 0 views

  •  
    Many organizations in the hospitality industry underestimate the risk and consequences of business identity theft and they should be more concerned with the risk of personal identity theft. A study by the Ponemon Institute demonstrates that a data breach could cost organizations an average of $7.2 million. This does not even include indirect costs such as lost customers or damaged reputations. To prevent identity theft, companies need to be aware that fraud can occur in many unexpected ways. This article gives a few examples that can help firms to reduce the risk of personal identity theft below.  Instituting a shred-all policy to ensure unneeded files are regularly and safely destroyed Restaurants employee should give their receipts directly to staff rather than leave anything on the table or counter Hotels employee should be instructed to store all sensitive documents in a safe place until they can be securely shredded On the cloud, Businesses should conduct a full security audit of any cloud computing company before storing documents on the cloud Identity theft is the fastest growing crime in the hospitality industry. Just being careful isn't enough to protect customers' identity. If the data is spilled, customers will have a less favorable view of your company or may be angered to the point of never allowing you to serve them again. Any amount of loss of trust and loyalty is harmful to your business.
Maria Zuniga

Cyber and data security in the hotel industry - PwC Middle East - 0 views

  • In the Digital Era, technology is everywhere; people can connect to your company, your employees, customers, providers and competitors through laptops, smartphones and even wearable devices.
  • With increasing reliance comes increasing risk, many of which are outside the Enterprise’s control.
  • Legal and regulatory problems bring their own special range of issues. Locking horns with regulators, litigants and judges is the last thing that business needs.
  • ...13 more annotations...
  • This is a landmark piece of legislation that will radically change our perceptions on how personal data should be handled in business
  • The simple truth is that cyber security and data privacy problems can be big news and newsworthiness drives awareness levels
  • Cyber and data security emerged to prominence as a massive risk area, due to a series of high profile breaches affecting payment cards
  • There is also the economic interest in gaining commercial advantages from the use of personal data. Gaining better customer insights and providing them with personalised services are now recognised by many in the hotel industry as core business goals.
  • The purpose of the GDPR is to put people back in control of their personal information and to improve how entities look after personal information while it is in their custody.
  • when things go wrong and they are fully aware of the fact that some of the world’s biggest, richest and more powerful entities have been humbled by poor approaches to security and privacy.
  • This case has established a need for the development of comprehensive information security programmes, annual security audit cycles and post-incident investigations in the hotel sector.
  • Businesses need to think about trust, confidence and brand health and reputation.
  • they have to do much more to tackle the security and cyber risks they face and to live up to the expectations that society places in them
  • People responsible for security and privacy in hotels ought to ask themselves whether their entities have appropriate Visions for desired end states. If not, they should bring together the stakeholders to discuss ways to take things forward.
  • regulation is seen as the antidote to market imperfection.
  • Trust, confidence and brand health may operate in a different timeframe to share prices.
  • In other words, suffering security and privacy failure might be like a cancer, where the harm is hidden from view until it is too late. This returns the focus to legal risk.
  •  
    This article is extremely important. I feel like everyone should read it because it goes hand in hand with what we have learned this week in class. The topic of cyber security is something that people need to shift paradigms. This article brings us great points about the digital era we live in. since everything we do in business now a days has to do with technology, it is important to have security and trust in this. With the increase reliance on this technology comes a higher risk. The article brings up that awareness levels of cyber security and data privacy issues are growing at a steady pace. It is extremely important that in the hospitality industry, Businesses think about trust, confidence and brand health and reputation. This highlights the fact that it doesn't matter if security systems are costly, in the long run if something goes wrong that will end up being the most costly. The article mentions that there will be a regulation established by the EU called General Data Protection Regulation (GDPR). The purpose of the GDPR is to put people back in control of their personal information and to improve how entities look after personal information while it is in their custody. In conclusion, this gives companies a competitive advantage.
anonymous

The High Risk of a 'Wait and See' Approach - Big Think - 0 views

  • On the surface, taking a “wait and see” approach seems to make sense
  • In the past, when we were going through rapid change (not massive transformation like we’re seeing today), a company could use a “wait and see” approach because it was harder for competitors to develop and deploy new offerings quickly, and it was harder for established competitors to change the game or redefine completely
  • Anyone, at any time, can quickly become more relevant than you because the barriers to entry are low and the ability to scale is fast
  • ...13 more annotations...
  • deciding to “wait and see”—can quickly put you on a path of increasing irrelevancy or a rapid demise.
  • you can see how detrimental a “wait and see” approach can be—how you’re actually missing major new opportunities for sales and growth
  • Blockbuster Video may have changed how we rent movies, but Netflix transformed it
  • This year, many forward-looking school districts across the country are moving away from textbooks and issuing tablets filled with ebooks to students
  • This is a game-changing move, and one that will save the school about $25,000 each year
  • The way you can design for mobile users, engage visitors, increase sales, track people, and improve your rankings with search engine optimization are changing so rapidly that if your site is two years old, it’s obsolet
  • In reality, a “wait and see” approach has much more risk than the action being avoided.
  • Today, new competitors can emerge rapidly, and they can even be from another part of the world. Geography is increasingly less of a hindrance
  • deciding to “wait and see”—can quickly put you on a path of increasing irrelevancy or a rapid demise.
  • We’re transforming all of these things plus more, and if you don’t initiate the transformation, someone else will.
  • To see the difference between mere change and game-changing transformation, consider these examples: Barnes & Noble may have changed bookselling by creating the super bookstore, but Amazon transformed how we buy books and so much more
  • Therefore, you have to evaluate what you’re saying “no” to in terms of potential lost opportunity, because what you could gain by saying “yes” will often outweigh the perceived risk and expense.
  • Because technology is increasing so fast and because we are in a period of rapid transformation are the exact reasons why you can no longer “wait and see” what will happen.
  •  
    This article discussed the importance of being ahead of the curve and why the 'wait and see' approach is not beneficial in most cases. If you 'wait and see' you can become irrelevant very quickly as there are many others out there, in many cases other parts of the world, making new inventions and discoveries daily. This article gave a great example where a school system implemented tables and the amount of money they saved was $25k/year. There are many benefits to staying ahead of the curve and as the article states "If you don't do it, someone else will".
  •  
    A "wait and see" approach has a higher risk than it being avoided. One of the cons is that it can pave the way to a company no longer being relevant. New opportunities for sales and growth may be missed if a company does not begin to evolve quickly.
richardkutch

Three ways tech is transforming accounting | Accountancy news | ICAS - 1 views

  • Cloud computing – running applications online rather than on customers' own premises – is one of the most important developments in information technology in the past 10 years.
  • "The use of a true software-as-a-service model allows the development team to evolve the product rapidly,"
  • "That's especially important when it comes to keeping systems up to date with changing tax legislation."
  • ...5 more annotations...
  • Some experts are sceptical about cloud-based tax software. One of the main concerns is the security risk involved in putting customers' data in the cloud.
  • The main risks are accidental loss of data, particularly during a power cut, and hackers getting hold of information.
  • The main reason for changing software, of course, is to keep up with tax law, such as the introduction of the "real-time" pay-as-you-earn tax system in 2013.
  • Being able to access tax and accounting data remotely is also useful.
  • Accountants and business are demanding more from their software. More analysis, more interaction between an accountant and their client, and easier access to information when out of the office
  •  
    This article talks about cloud computing, mobile access and advances in tax software. It refers to the concerns about security with cloud-based tax software. Is it worth risking? Is there really a risk or is it just irrational fear? And doesn't it make it easier when tax codes change that cloud-based tax software would be updated for you? Mobile capabilities and mobile working are interesting. the ability to record expenses on the go and check financial data and manage accounts using a mobile device are very appealing features.
andreagordon99

10 Disadvantages & Risks of Cloud Computing | by Sarah Lavinski | FAUN | Medium - 1 views

  • Cloud Computing is a combination of the use of computer technology (computing) and Internet-based development (cloud). Cloud is a metaphor of the internet, as is the cloud that is often depicted in computer network diagrams.
  • data and cloud protection must be good because if it won’t be dangerous for data confidentiality.
  • weakness of public cloud is where everyone accesses the same server and server and will increase the risk of attack, and down the server.
  • ...2 more annotations...
  • Marketplace companies such as Amazon, Alibaba and Airbnb have considered cloud computing risks and benefits.
  • Disadvantages of cloud computing that has less security can cause data leak to public.
  •  
    This article discusses the risks and disadvantages with cloud computing. Some people love using the cloud and they find it the best way to save their information. Others prefer the use of an external hard drive. While there are pros and cons to both companies should not only rely on cloud computing. As you can find in this article there are some definite disadvantages that need to be worked out before this becomes our only tool for saving information.
1 - 20 of 464 Next › Last »
Showing 20 items per page