Tech Talk

Recent posts

This is the last issue of Siegel Sez before this year’s CYBER HITEC event. HITEC is an event I have not missed in 30 years, and historically it has always been a great place to find innovation.

Toxicity Kills
Posted: 10/07/2020

It doesn’t matter if it is toxins in your physical environment or toxins in your mental environment. This stuff kills! 

It’s said that when someone’s mindset shifts, everything around them can change at the same time, and in our current setting, the importance of being in the right headspace, both personally and as an organization, can’t be discussed enough.

In my last installment, I introduced four areas of hospitality technology that I believe have been significantly changed by COVID-19. I covered contactless technologies in depth in that first article. This week I will turn to the other three areas: social distancing; health and sanitation; and communications.

If Elon Musk Was A Hotelier
Posted: 09/25/2020

What if a person of Elon Musk’s character and bravado were to enter the hotel industry? How would they shake things up and presage the next ‘game-changers’ to propel hospitality beyond our current challenges?

want to read more articles like this?

want to read more articles like this?

Sign up to receive our twice-a-month Watercooler and Siegel Sez Newsletters and never miss another article or news story.


What to Expect When You’re Expecting….in Cyber Security

by Karen O'Neill

When a new child is coming into this world the endearing couple is anxiously awaiting the special delivery and wonder if they are prepared. Most couple research extensively to prepare for the event. Similar to this rite of passage, the hospitality industry is awaiting a delivery of a darker kind and one that each professional should be anxiously monitoring.

Former Defense Secretary Leon E. Panetta warned that the United States was facing the possibility of a cyber-Pearl Harbor and was increasingly vulnerable to foreign computer hackers.

In varying degrees we are all connected to this new delivery termed cyberwarfare, the next evolution of cybersecurity and the impact on all of us is remarkable. Cyberattacks are increasing because technology is changing minute to minute, data is doubling every year, and more than 2 billion people are online. In an excerpt from InfoWorld, January 28, 2013, author Israel Martinez from the Cyber Security Council writes, “The paradigm in the U.S. must shift from defense to offense. This type of threat is going to be a very big problem for us over the next 12 months."

Is the hospitality industry apprehensive about this newborn? Rest assured, there are new people, processes and technology that can help avoid cyberparalysis, poor investments and help prepare an effective cyberdefense and offense.

The term cyberwarfare implies a series of battles with a virtual enemy, and recent experience proves it to be true. For many of us, it means the days of simply complying with standards (e.g., PCI, SOX 404, HIPAA) are over. While compliance will remain important, new threats introduce a need to prepare against a generation of malware and actors that have earned the acronym advanced persistent threats (APTs). Sadly, achieving compliance will no longer save us from global cyberattacks on our hotels nor will it save us from a new generation of accountability. Earlier this year, Wyndham experienced this as the FTC filed a complaint against the corporation suggesting companies must live up to the promises made about privacy and data security.

According to industry experts advanced persistent threats now abound. As discussed at the Gartner conference in 2012, “You’re already infected, you just don’t know it.” An APT combines malware and human resources to effectively and purposely breach specific organizations, especially those with personal client information. This new generation of APTs is so sophisticated and persistent it will seek to penetrate devices until the objective is achieved and cover tracks to exploit access in future initiatives. These attacks are against privacy, i.p., data and stability via our IP networks, computers, servers, cell phones, smartphones, social network sites and even against internal business systems required to support operations. Moreover, the HP 2012 Cyber Risk report, demonstrates that an APT is already located inside a network for an average 418 days before it’s discovered.

Because of these APTs, accountability methods and consequences by government, board members, industry, fiduciary mandates and customers are evolving quickly. Effective cybersecurity within a strong enterprise risk management strategy, combined with regulatory compliance, is now the new mandate. Leadership must consider this an integral part of their business strategy and even a board-level issue when relevant. New generation consequences for sub-standard cybersecurity now range from digital reputation damage, fines and even stock price loss. Many believe corporations like Nortel have gone out of business because of APTs and the chain reaction of ill preparedness.

Is the industry prepared for the responsibilities of the new effects of cyberwarfare? In the March 28, 2013 WallStreet Journal, Shawn Henry, former executive assistant director for the FBI, said “The current public and private approach to fending off hackers is unsustainable. Computer criminals are simply too talented and defensive measures too weak to stop them.” 

The U.S. Federal Government is introducing yet greater accountability and remediation methods including a Presidential Directive, House Bill known as CISPA, The Cyber Intelligence Sharing and Protect Act . CISPA encourages industry to voluntarily share cyberthreat information with the U.S. government and the most recent draft has a provision for the private sector to counter an attack. This directive is meant to proactively affect small and large operators in the private and public sector in an effort to combat this threat that impacts critical infrastructure.

How should the hospitality industry prepare for this new generational threat? Here are some key tips gathered from security experts that might help.

1. Leverage new approaches. Technology and the subject matter is evolving quickly.

   a. Security intelligence: the art/science of detecting assets that are already infected. That list already exists. One company is collecting more than 7 million newly APT infected devices per day. A company can simply run a report to see if its IT assets are listed.

   b. Mobile device sales are dwarfing PC sales and account for more than 12 percent of global Internet traffic. Detecting and remediating advanced malware on a mobile device including current compromises which bypassed all of the existing security solutions should be part of the strategy. This type of solution has no additional hardware investment and runs in the cloud.

   c. State-of-the-art tactics are available to analyze digital behavior.

2. Consider cybersecurity insurance. As stated by the Department of Homeland Security, “Cybersecurity insurance is designed to mitigate losses from a variety of cyber incidents, including data breaches, network damage and cyber extortion.”

3. Stay informed, education exists and is available today. 

   a. Stay on top of cybersecurity legislation as it evolves.

   b. Employee training regarding topics like social engineering threats such as spear phishing is critical.

   c. Leadership knowledge is available, such as what every CxO should know before during and after a cyberbreach. This type of knowledge training can also apply to senior hotel leadership.

   d. SANS Institute supplies education courses online and in the classroom, as well as supporting material including, the top 20 critical security controls.

Take action. Even the consideration of one of these tips may save a property, corporation and valuable guests.

About The Author
Karen O'Neill
KnockOut Hospitality Consulting LLC

Karen O'Neill is a thought leader and hospitality industry veteran with 20 years of experience supporting top tier hospitality and restaurant clients. She is the founder and President of KnockOut Hospitality Consulting LLC, working closely with hospitality companies as they look to optimize, streamline and energize their operations and initiatives. She can be reached at, and for more information at

Blog post currently doesn't have any comments.
Leave comment

 Security code