⚠ We would appreciate if you would disable your ad blocker when visiting our site! ⚠

CyberRisk: What You Don’t Know May Get You

Order a reprint of this story
Close (X)

To reprint an article or any part of an article from Hospitality Upgrade please email geneva@hospitalityupgrade.com. Fee is $250 per reprint. One-time reprint. Fee may be waived under certain circumstances.


June 01, 2005
F&B | Wireless
Scott Anderson

View Magazine Version of This Article

© 2004 Hospitality Upgrade. No reproduction without written permission.

Congratulations, you have managed the new Can-Spam law, solved the worms, beat the Trojan horses and cracked the latest virus. Perhaps now you can rest or at least move on to forward-looking IT projects. Not so fast. There is a risk greater than the latest virus that no antivirus software can find and destroy. This risk comes from the terrestrial world, specifically from insurance. Yes, insurance. As e-commerce has grown so have the insurance risks related to cyber-commerce. While we have been busy trying to manage third-party intermediaries, the insurance industry has been busy creating new exclusions in both our property and crime coverage as well as adding new exclusions in our liability policies.

It is time to sit down with your insurance broker, your CFO and other members of your management team and be sure you understand what is and is not covered under your current policies. Identify your risks and close the holes that may exist in your current coverage.

Last year the insurance industry introduced new broad-form policy exclusions that specifically exclude many online risks. You need to consider these carefully in the context of your specific operation.

Property and Crime Coverage
Intangible Property—Many of us have spent both time and money creating and collecting data about our customers. These databases are commonly called intangible property. Most current property policies exclude the loss of these databases. Clearly, there is tremendous value in these databases. You should determine their value for your company and add a rider to your policy to cover the potential loss of this database.

Business Interruption—On average, 14 percent of our reservations come from the online world and, on average, 50 percent of that business comes from our own Web sites. Imagine your site being down for a long period of time. Your current policy most likely does not cover the loss of revenue from a downed Web site.

Cyber Extortion—In a recent article in the USA Today several gaming sites disclosed they had been victims of cyber extortion. Simply stated, a cyber extorter threatens to flood your server with cyber babble if you do not pay money. This threat is often excluded in your policies.

Credit Card Fraud—Most policies cover credit card fraud perpetrated on a hotel from the terrestrial world. This is often not the case when that credit card fraud took place in the online realm. Again, policies differ but this is an area in your own insurance policies you should review.

Electronic Liability
Your property and crime policies cover loss of income or property. Liability coverage is perhaps even more critical as it covers actions or activities by you and your hotel that might be actionable from third parties. You may not be covered in the following circumstances.

Downstream Liability—Heaven forbid a member of your team either unwillingly or maliciously uploads a virus or worm to the Internet. Assuming the actual action can be tracked back to your server, you can be held liable for the cost of repairs and lost revenue. It is quite possible that you are not covered for this liability, including the defense of any resulting litigation and the cost of repair. Last year, the cost to repair systems due to these threats exceeded the cost of forest fires in the United States. This is a real risk.

Breach of Security—Earlier we referenced the valuable customer database you and your team have created over the last several years. This database, created to assist in marketing and CRM, contains customer credit card information, addresses, social security numbers and other personal data. If that database is hacked and the information is taken, identity theft is a real risk. This is another exclusion in many liability policies.

Errors and Omissions—Postings that are inaccurate can create tremendous problems for the hotelier. Imagine posting the rate of your presidential suite at $85 rather than $850 per night. This is an easy error to make that could cost you $765 per night. Most liability policies do not cover this type of error either.

Every property and liability policy is different and perhaps your policy already covers these new risks. But unless you recently conducted a thorough insurance review and added several new riders to the policy, chances are you are exposed in at least a few of these areas without your knowledge. It is worth the effort to find out.

Scott Anderson is president and CEO of High Country Hospitality, a technology and marketing consulting company in the hospitality industry business. His firm specializes in the convergence of technology and the sales and marketing process as well as e-distribution management.

want to read more articles like this?

want to read more articles like this?

Sign up to receive our twice-a-month Watercooler and Siegel Sez Newsletters and never miss another article or news story.