As ever, Rob Lands and Mark Stephens are ahead of the curve.
At our Early Check-In hotel breakfast seminar on 20 June 2019, the panel of experts agreed some clear recommendations for hoteliers concerned about cyber-security:
- make sure all staff are properly trained,
- appoint a chief technical officer at board level,
- insure against cyber-incidents, and
- plan your response in advance for when it happens (because it's a case of when, rather than if).
The fine proposed the by Information Commissioner’s Office of £99,200,396 announced yesterday - to be imposed on Marriott International in respect of criminal data theft from Starwood Hotels' former guest reservation database - is in respect of the UK only. The UK ICO is the enforcement agency for only one of the 28 EU countries subject to GDPR, so there must be a concern that further fines are to come.
As Marriott International has indicated in its SEC filing, it has the right to respond before any final determination is made and a fine can be issued by the ICO. The company stated that it "intends to respond and vigorously defend its position".
The next Early Check-In is on 19 September 2019, when we will be looking at hotel operating models.
/Passle/5ae9851e7bae7607b4016f56/SearchServiceImages/2026-03-27-11-13-21-410-69c66651581b3dfdafe008ce.jpg)
/Passle/5ae9851e7bae7607b4016f56/SearchServiceImages/2026-03-25-15-35-48-503-69c400d4cc69e1b6ed421e0c.jpg)
/Passle/5ae9851e7bae7607b4016f56/SearchServiceImages/2026-02-25-17-13-08-736-699f2da41b154ab0c46ae062.jpg)