VikingCloud

66% of hotel IT and security executives expect a rise in attack frequency during the summer 2025 travel season.

32% of hotel IT and security leaders say a significant increase in credit card transactions will increase their cybersecurity risk during the busy travel season.

66% of hotels are investing in VPNs.

26% of hotel IT and security leaders say an influx of seasonal employees unfamiliar with cyber policies and best practices increases risk.

Adoption of dark web monitoring among hotels is 26%.

Adoption of penetration testing among hotels is 28%.

12% of hotel IT and security leaders said an attack could lead to hotel closure.

50% of hotel IT and security executives expect an increase in attack severity during the summer 2025 travel season.

42% of hotel IT and security executives say weaknesses in third-party systems like payment processors and booking platforms increase their cybersecurity risk.

58% of hotels were targeted by five or more attacks during summer 2024.

4 in 10 executives (which is 40%) at hotels say that 16-25% of their total IT budget is devoted to cybersecurity.

72% of hotels are investing in next-gen antivirus, anti-malware, and anti-spam.

40% of hotel IT and security leaders say outdated technology increases their cybersecurity risk.

Fewer than 50% of hotels have deployed advanced defenses like vulnerability scanning, automated data backups, or integrated ransomware protection.

30% of hotels do not have plans to outsource to a managed security service provider (MSSP)

72% of hotel IT and security executives identified payment systems and point-of-sale (POS) technology as the most vulnerable guest-facing technology.

56% of hotel IT and security executives identified guest Wi-Fi as a most vulnerable guest-facing technology.

16% of hotel IT and security leaders struggle to fill cybersecurity job vacancies.

48% of hotel IT and security executives are not confident in their staff's ability to reliably identify and respond to sophisticated AI-driven cyberattacks and deepfakes.

26% of hotel IT and security leaders report limited in-house cybersecurity expertise.

82% of North American hotels were hit with a successful cyberattack during summer 2024.

22% of hotel IT and security executives admitted that cybercriminals outpace their teams.

34% of hotel IT and security executives identified front desk systems as a most vulnerable guest-facing technology.

Top hotel attack methods include data breaches exposing sensitive guest PII (46%), phishing attacks (40%), and guest Wi-Fi network compromise or misuse (38%).

Last summer, 44% of hotels experienced more than 12 hours of downtime due to an attack.

34% of hotel IT and security leaders are worried about POS system attacks disrupting in-person transactions.

The most likely business impacts of a cyberattack on a hotel include reputational damage from negative reviews (66%), financial losses (46%), lawsuits (42%), lower occupancy (32%), and higher insurance premiums (30%).

70% of hotels are investing in firewalls.

Wi-Fi or network disruptions (52%) were the most common cyber disruptions faced by SMBs in the past 12 months.

SMBs are twice as likely to be unaware they’ve been breached by more sophisticated attacks, like a deepfake, compared with more common threats like network downtime.

16% of SMBs never back up their data.

Phishing texts and emails (48%) were a common cyber disruption faced by SMBs in the past 12 months.

49% of SMBs believe AI will be most useful in offering real-time threat response recommendations.

50% of SMB tech stacks include antivirus software.

32% of SMBs lack the budget to hire more cyber staff.

24% of SMBs were targeted by malware in the past 12 months.

55% of SMBs believe AI will be most useful in identifying threats before they impact business operations.

A successful cyberattack would force nearly 1 in 5 SMBs to close.

49% of SMBs believe AI will be most useful in flagging phishing emails and texts.

23% of SMBs use easily hackable passwords with a pet’s name, a series of numbers, or a family member’s name.

For nearly a third of SMBs, a cyberattack with minimal financial impact – less than $10,000 – would cause them to shut down.

The risk of business downtime (55%) from cyberattacks is a concern for SMB owners.

22% of SMBs have deployed dark web monitoring.

19% of SMBs experienced deepfake attacks in the past 12 months.

Over half of SMB owners (52%) see cybersecurity as a revenue booster

Fake social media accounts or website domains (32%) were a common cyber disruption faced by SMBs in the past 12 months.

18% of SMBs have deployed penetration testing.

14% of SMBs experienced ransomware attacks in the past 12 months.

47% of SMB tech stacks include network scanning.

19% of SMBs experienced denial of service attacks in the past 12 months.