Skip to main content
Springer Nature Link
Log in

An Incident Handling Guide for Small Organizations in the Hospitality Sector

  • Conference paper
Trends and Advances in Information Systems and Technologies (WorldCIST'18 2018)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 745))

Included in the following conference series:

  • 9207 Accesses

Abstract

Security threats to small organizations are on the rise and many small organizations do not have the aptitude to address and properly responds to these incidents within their organizations. According to a 2016 Ponemon Institute survey of 600 small businesses, fifty percent (50%) had experienced a data breach and fifty-five percent (55%) had experienced a cyber attack in the past twelve months. Having an incident response plan is the most noteworthy cost-saving measure. The 2017 IBM and Ponemon Study found that organizations who can contain a breach in less than 30 days can save about $1 million. Hence, a small organization without an incident response plan is very likely to face great reputational damage and financial losses. The research methodology reviews current incident response frameworks, identifies relevant incident response guidelines and tailors the current and relevant frameworks into a small business-centric incident response guide that tackles threats the small hotels and casinos face.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Symantec: Internet Security Threat Report. Symantec Corporation, Mountain View (2017)

    Google Scholar 

  2. AusCert, New South Wales Police and Deloitte Touche Tohmatsu: Australian Computer Crime and Security Survey. Australian Computer Emergency Response Team, New South Wales (2002)

    Google Scholar 

  3. Aguilar, L.: SEC.gov | The Need for Greater Focus on the Cybersecurity Challenges Facing Small and Midsize Businesses. https://www.sec.gov/news/statement/cybersecurity-challenges-for-small-midsize-businesses.html

  4. University of Connecticut: Cyber Risk for Small and Medium-Sized Enterprises. The Janet & Mark L. Goldenson Center for Acturial Research, Connecticut (2016)

    Google Scholar 

  5. Marquez, O.: The Costs and Risks of a Security Breach for Small Businesses. https://www.securitymagazine.com/articles/87288-the-costs-and-risks-of-a-security-breach-for-small-businesses

  6. Small Business Presentation. https://www.dhs.gov/sites/default/files/publications/2_small-business-presentation.pdf

  7. Small Business Profile. https://www.sba.gov/sites/default/files/advocacy/SB%20Profiles%202014-15_0.pdf

  8. Corporations Returns Act, by enterprise size and by country of control (Enterprises). http://www.statcan.gc.ca/tables-tableaux/sum-som/l01/cst01/econ166a-eng.htm

  9. JOBS, S.: What are the Different Sectors of the Hospitality Industry? https://www.soegjobs.com/2016/09/07/different-sectors-hospitality-industry/

  10. Nussbaumer, L.: Relationships between the Hospitality Industry and the Touri. https://prezi.com/xrgpzgrqakh9/relationships-between-the-hospitality-industry-and-the-touri/

  11. Terence, T., Ruighaver, T., Atif, A.: Incident handling: where the need for planning is often not recognized. In: 1st Australian Computer, Network & Information Forensics Conference. We-B center & ECU, Perth (2003)

    Google Scholar 

  12. Paulsen, C., Toth, P.: Small Business Information Security. http://nvlpubs.nist.gov/nistpubs/ir/2016/NIST.IR.7621r1.pdf

  13. SURVEY: Small Business Security. http://www.csid.com/wp-content/uploads/2017/01/WP_SmallBizSecurity_2016.pdf

  14. Symantec: Internet Security Threat Report. Symatec (2015)

    Google Scholar 

  15. Husin, J., Singh, D.: A quick cybersecurity wellness evaluation framework for critical organizations. In: 2016 International Conference on ICT in Business Industry & Government (ICTBIG). pp. 1–5. IEEE, Indore (2017)

    Google Scholar 

  16. Incident Response Methods. https://raw.githubusercontent.com/certsocietegenerale/IRM/master/EN/IRM_English_Pack.zip

  17. Shabani, N.: A Study of Cyber Security in Hospitality Industry—Threats and Countermeasures: Case Study in Reno. Nevada. University of South Florida, Sarasota-Manatee (2016)

    Google Scholar 

  18. Do not disturb: Managing Data Protection and Cyber Security in the Hospitality Sector - Pitmans Law. http://www.pitmans.com/news/article/do-not-disturb-managing-data-protection-and-cyber-security-in-the-hospitali

  19. BakerHostetler: 2016 Data Security Incident Response Report. BakerHostetler, New York (2016)

    Google Scholar 

  20. Trustwave: Trustwave Global Security Report. Trustwave, Chicago (2016)

    Google Scholar 

  21. Evans, P.: 113 Canadian hotels in Holiday Inn chain hit by credit card hack. http://www.cbc.ca/news/business/holiday-inn-hotel-hack-1.4079202

  22. Hiller, S.: Top 5 risks and security challenges for hotels in 2015 – eHotelier. http://ehotelier.com/insights/2015/01/23/top-5-risks-and-security-challenges-for-hotels-in-2015/

  23. Pokladnik, M.: An Incident Handling Process for Small and Medium Businesses. SANS Institute InfoSec Reading Room (2007)

    Google Scholar 

  24. Kindervag, J., Holland, R.: Incidence Response. https://www.malwareincidentresponse.com/

  25. Souppaya, M., Scarfone, K.: Guide to Malware Incident Prevention and Handling for Desktops and Laptops

    Google Scholar 

  26. Simons, D.: Malware Incident Response Plan | Malware | Antivirus Software. https://www.scribd.com/document/28726696/Malware-Incident-Response-Plan

  27. Handling Destructive Malware | US-CERT. https://www.us-cert.gov/ncas/tips/ST13-003

  28. Randy, F.: STEP-BY-STEP: Incident Response for Today’s Top 3 Security Scenarios. Monterey Technology Group Inc., California (2017)

    Google Scholar 

  29. Data Breach Investigation Report. http://www.verizonenterprise.com/resources/reports/rp_data-breach-investigation-report_2015_en_xg.pdf

  30. Malware Response. https://msdn.microsoft.com/en-us/library/cc162838.aspx

  31. Malware Outbreak | Incident Response Playbooks Gallery, https://www.incidentresponse.com/playbooks/malware-outbreak

  32. National Institute of Standards and Technology Special Publication 800-61: Computer Security Incident Handling Guide. National Institute of Standards and Technology (2012)

    Google Scholar 

  33. Cabrera, M.: Network DDoS Incident Response Cheat Sheet (by SANS). https://www.slideshare.net/Martinjcabrera/irm-4d-dos

  34. Revuelto, S., Socha, K., Meintanis, S.: DDoS Overview and Incident Response Guide. http://cert.europa.eu/static/WhitePapers/CERT-EU_Security_Whitepaper_DDoS_17-003.pdf

  35. TR12-001: Mitigation Guidelines for Denial-of-Service Attacks. https://www.publicsafety.gc.ca/cnt/rsrcs/cybr-ctr/2012/tr12-001-en.aspx

  36. DDoS | Incident Response Playbooks Gallery. https://www.incidentresponse.com/playbooks/ddos

  37. Andre, J.: A Handy Guide on Handling Phishing Attacks. https://blog.komand.com/a-layered-approach-to-handling-phishing-attacks

  38. Incident Response Methods. https://raw.githubusercontent.com/certsocietegenerale/IRM/master/EN/IRM_English_Pack.zip

  39. Phishing | Incident Response Playbooks Gallery. https://www.incidentresponse.com/playbooks/phishing

  40. Most Used Playbooks of 2017 #1: Phishing Playbook. https://resources.siemplify.co/hubfs/PDF%20Downloads/Siemplify_Playbooks_Col1.pdf?hsCtaTracking=bffdaf2e-3732-4461-ba3b-72fdd2f6a2a5%7C5e3cfd4d-7b95-43a9-8c2b-2a78b12d2a8c

  41. Albrethsen, M.: Defending Against Phishing. https://insights.sei.cmu.edu/insider-threat/2016/12/defending-against-phishing.html

  42. Cobit 5 A business framework for the governance and management of enterprise. ISACA, Rolling Meadows, IL (2012)

    Google Scholar 

  43. Rocha, Á., Freixo, J.: Information architecture for quality management support in hospitals. J. Med. Syst. 39(10), 125 (2015)

    Article  Google Scholar 

Download references

Acknowledgement

I thank the Lord Almighty for the strength and wisdom to undertake and complete this research. I also thank my advisors, Professor Bobby, Professor Shaun, and Professor Ron for all the ideas and encouragement they contributed to the success of the research; and to my family and friends for being supportive till the end.

Author information

Authors and Affiliations

  1. Concordia University of Edmonton, Edmonton, AB, T5B 4E4, Canada

    Oluwadamilola Ogunyebi, Bobby Swar & Shaun Aghili

Authors
  1. Oluwadamilola Ogunyebi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Bobby Swar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Shaun Aghili
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Oluwadamilola Ogunyebi .

Editor information

Editors and Affiliations

  1. Departamento de Engenharia Informática, Universidade de Coimbra, Coimbra, Portugal

    Álvaro Rocha

  2. College of Engineering, The Ohio State University, Columbus, OH, USA

    Hojjat Adeli

  3. DSI/EEUM, Universidade do Minho, Guimarães, Portugal

    Luís Paulo Reis

  4. DIMES, Università della Calabria, Arcavacata di Rende, Italy

    Sandra Costanzo

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this paper

Cite this paper

Ogunyebi, O., Swar, B., Aghili, S. (2018). An Incident Handling Guide for Small Organizations in the Hospitality Sector. In: Rocha, Á., Adeli, H., Reis, L.P., Costanzo, S. (eds) Trends and Advances in Information Systems and Technologies. WorldCIST'18 2018. Advances in Intelligent Systems and Computing, vol 745. Springer, Cham. https://doi.org/10.1007/978-3-319-77703-0_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-77703-0_23

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-77702-3

  • Online ISBN: 978-3-319-77703-0

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics