In 2018, Marriott International discovered cybercriminals had compromised its guest reservation system. The corporation confirmed the data breach exposed the personal identifiable information (PII) of nearly 500 million international customers who had made bookings with the company’s Starwood properties. The cyber incident resulted in Marriott facing significant recovery expenses, legal ramifications and reputational damage. The company is estimated to have lost over $1 billion in revenue following the incident.
Lessons Learned from the Marriott International Breach
There are several cybersecurity takeaways from the Marriott data breach, including these important lessons:
1. Remote Desktop Protocol (RDP)
Exposed RDP ports were a potential culprit of this costly incident. These useful workplace tools allow employees to remotely connect to other servers or devices. Unfortunately, RDPs also leave ports open for cybercriminals to deploy malicious software or other harmful programs. RDP ports should never be unnecessarily left open to the internet. Applied virtual private networks (VPNs) and multi-factor authentication (MFA) protocols can prevent RDP ports from being exploited.
2. Mergers & Acquisitions (M&A)
As cyber incidents continue to surge, cybersecurity should be prioritized during any M&A activity. Marriott neglected to assess cybersecurity vulnerabilities amid its acquisition of Starwood. An effective cybersecurity infrastructure between Starwood and Marriott, including shared digital processes and security policies, would have maintained a uniform defense strategy against cybercriminals.
3. Security & Software
Utilizing proper security and threat detection software would have helped both Starwood and Marriott quickly identify and mitigate the breach. While software is an expensive investment, its ability to minimize the impact of devastating cyber incidents is invaluable. Organizations should invest in software, including network monitoring systems, antivirus programs, endpoint detection products and patch management tools. Be sure to test your software for security gaps and vulnerabilities through routine penetration testing.
4. Proper Coverage Can Provide Much Needed Protection
The Marriott breach proves no organization is immune to cyber-related losses. You can ensure adequate cyber incident protection with proper cyber coverage, which can help cover the costs incurred as a result of cyber extortion. Make sure your organization partners with a trusted insurance professional and cyber risk expert when navigating these coverage decisions.
We’re Here to Help with Cyber Security
To help you understand your current level of risk associated with cyberattacks, download our Cyber Risk Exposure Scorecard. For further information on the Marriott breach or more tips on cybersecurity protection, connect with a member of our team about cyber liability insurance coverage.