Insights and tips on how to protect your inn or bed & breakfast, giving you and your guests peace of mind.

Ward, Hayden
/ Categories: BLOG Articles

3 Common Cyberthreats Inns Should Stay on Top Of

Man looking with concern at laptop

The nature of day-to-day business at an inn puts them at high risk of cyberattacks. By handling enormous amounts of personally identifiable information (PII) and personal financial information (PFI), they’re a lucrative target for cybercriminals.

Read on to learn more about these cyberthreats and get tips for preventing cyberattacks at your inn.

Why is the Hospitality Industry an Easy Target for Cyberattacks?

Inns are seen as easy and profitable targets for cyberattacks. Here’s why:

  • Technology Dependence: Guests rely on online services to make bookings and payments. Digital keys are also commonly used to improve efficiencies.
  • Third-party Risk: Most bookings are made through third-party websites or a third-party management software. This leaves inns vulnerable to cyber losses if one of their third-party vendors is compromised.
  • Valuable Information: Inns collect valuable PII, including passport information, addresses and emails. They also store debit and credit card information from payments, which may be kept for months or even years in advance of a reservation.
  • Connected Devices: Digitalization has created a greater surface area for cyberattacks. Smart TVs, elevators, security systems and smart ventilation systems have created new vulnerabilities. Each can be used as an entry point for attack.
  • Inadequate Security: Most web hosts use low-quality servers that lack adequate security measures. This creates an opportunity for hackers. Heavy reliance on third-party websites also means inns are exposed to security gaps on external servers.

Common Cyberthreats for Inns

Here are some of the most significant cybersecurity threats for inns:

  • Phishing: These attacks are designed to trick employees into clicking links in official-looking emails. Hackers use these attacks to steal sensitive data, such as credit card information and login credentials, or install malware. Often, the malware installed during phishing attacks is ransomware.
  • Ransomware: Ransomware is a type of malicious software cybercriminals use to restrict system and data access until a ransom is paid. Sometimes these cyberpunks will threaten to leak sensitive information online if the ransom isn’t paid. Global ransomware damages are projected to surpass $30 billion in 2023. Further, according to Cybersecurity Ventures, the global cost of ransomware is projected to reach $265 billion by 2031.
  • Distributed Denial of Service (DDoS): The heavy reliance inns place on their networks for daily operations puts them at high risk for these types of attacks. DDoS attacks take advantage of an organization’s limited website capacity. Hackers will send multiple requests to the targeted website to exceed its capacity and prevent it from functioning properly.

Cybersecurity Practices

Here are best practices to protect against cyberattacks at your inn:

  • Multifactor Authentication (MFA): This method of protection requires at least two forms of identification to be presented before permitting access to company systems.
  • Employee Training: All employees should be trained to recognize and respond to phishing emails and other scams.
  • Data Back-ups: In case of a ransomware attack, having data backed up in a separate location may allow your company to return to business quickly without paying a ransom.
  • Install Antivirus Programs: Antivirus programs should be installed on all connected devices. These include smart TVs, elevators, security systems and ventilation systems.
  • Encryption: This scrambles data to make it unreadable without a key. This will help prevent unauthorized users from understanding important data if they gain access to it.

Proper mitigation can reduce the likelihood that a major cyber loss will occur. Inns that employ cybersecurity best practices will also likely receive better pricing, terms and conditions on their cyber insurance policies.

Make Cyberthreat Worries a Thing of the Past

Cyberattacks pose a serious threat to all businesses. For inns, which rely heavily on websites for reservations and payments, the risk is often greater. To give yourself extra peace of mind, it's a great idea to make sure your business has cyber insurance coverage. For additional safety guidance and insurance solutions for your inn business, connect with a member of our team.

This blog may contain scenarios that are provided as examples only. Coverage is subject to the terms, conditions and exclusions of the policy issued. The information provided is general in nature and may be affected by changes in law or the interpretation of such laws. The reader is advised to contact a professional prior to taking any action based upon this information.

2932 Rate this article:
No rating

Leave a comment

This form collects your name, email, IP address and content so that we can keep track of the comments placed on the website. For more info check our Privacy Policy and Terms Of Use where you will get more info on where, how and why we store your data.
Add comment

Theme picker



885.945.5221 | innkeepers@cbiz.com 

700 W 47th Street, Suite 1100 |
Kansas City, MO 64112 

Monday - Friday | 8:30 a.m. - 5 p.m. (CST)


CBIZ Innkeepers Insurance, a division of CBIZ Insurance Services, Inc., is the largest insurer of innkeeper businesses in the United States. As part of an $850 million New York Stock Exchange traded company (CBZ), we developed a specific policy coverage to meet the needs for inns and bed & breakfasts, and the amenities offered by these businesses. Our policy is underwritten by an A.M. Best Rated A++ (Superior) company.

The CBIZ Innkeepers Insurance team knows insurance, specifically the risks and exposures related to beds & breakfasts. We won't confuse you with technical "insurance speak" — our representatives will explain your coverage in simple terms. With hands-on, personal customer service, we guarantee swift communication. As specialists in the industry, we leverage our knowledge and passion to ensure you and your inn are protected.





Association of Lodging Professionals Logo.


Select Registry Endorsement logo.