August 31, 2016
-
Joe Franscella
,

Another 'TAXII Service' for the Hospitality Industry

<p>We as consumers use all sorts of criteria to decide what to eat, what to buy and where to go. Reputation and branding are some of the more conceptual factors by which we evaluate a purchase choice, but their powers are undoubtable. Reputation can be staked on some hard facts, particularly when it comes to cyber-security.</p><p>Hotels go to great length to make guests feel at home. Guests reasonably expect a safe experience, and the hospitality industry must do as much to secure their networks as they do making sure their facility feels welcoming.</p><p>Trusting your personal and financial data to a business is a big decision, and consumers are beginning to be more discriminating about to whom they volunteer their financial and personal identifying info. Studies report <a href="https://www.internetretailer.com/2015/02/03/online-shoppers-hesitate-buy-because-security-concerns" target="_blank">60% of consumers lack confidence</a> in the cyber-security of brick and mortar locations.</p><p>Working to gain an edge in garnering the public’s trust can be a huge competitive advantage. Conversely, one event can be incredibly costly. Large companies spend upwards of tens of thousands of dollars each day resolving the damage done by a data breach. Smaller companies which lack these resources regrettably <a href="http://www.huffingtonpost.co.uk/shivvy-jervis/cyber-attacks-business_b_5083906.html" target="_blank">go out of business within six months</a> on average.</p><p>Hackers have been finding ways to intercept credit card transactions in so-called point of sale breaches. When such a POS hack affects a hotel chain, hackers can gather credit card info in hotel bars and restaurants. Compromised accounts can be used to make fraudulent purchases and/or sold to other thieves or scam artists.</p><p>Wifi traffic is also vulnerable. Many people travel for work, taking sensitive data with them into their rooms. Laptops, mobiles, and smart devices can be hacked in a hotel. Malware and other threats can be inadvertently brought home like bed bugs.</p><p>As the reality of the prevalence of hacking begins to take hold in our public conscious, guests will hopefully begin taking more <a href="https://www.anomali.com/blog/threat-intelligence-facts-for-protecting-data">responsibility for securing their devices</a> and adopt better practices for encrypting their data. Unfortunately, most private individuals are not doing enough and some are doing nothing at all.</p><p>Still, the modern innkeepers must do their best to assure security and privacy. Using a threat intelligence program allows you to detect suspicious behavior ahead of time. Applications are more recently able to communicate with one another thanks to the adaptation of universal standards for notating threat incidents.</p><p>One of these conventions, TAXII, is used by threat intelligence platforms from many different developers. The TAXII server facilitates the collection, sharing, and analysis of cyber-threat intelligence. It can be an important component of your threat intelligence system. The Trusted Automated eXchange of Indicator Information language allows for notating the most important identifying details:</p><ul><li>Indicators</li><li>Incidents</li><li>Threat Actors</li><li>Targets</li><li>Course of action</li></ul><p>Cyber-crime including data breaches and consumer info hacks place a huge burden on businesses. The <a href="https://www.theguardian.com/business/2015/jan/21/cybersecurity-small-business-thwarting-hackers-obama-cameron" target="_blank">US spends over $100 billion a year</a>, resolving breaches and making up for competitive setbacks. This is a figure which experts predict will escalate. This is a conservative estimate at best, given that many attacks go unreported.</p><p>Another good reason for using a threat intelligence platform that sends and receives threat intelligence using <a href="https://www.anomali.com/blog/stix-taxii-hacks-4-things-you-need-to-know">a STIX or TAXII server</a> is for compliance with the law. Bills mandating threat intelligence platforms are gaining support, and government contractors must currently have satisfactory threat intelligence programs. If your business plans to keep government contracts as a source of business, compliance is an inevitability.</p><p>Don’t be left out in the rain when a POS hack or wifi data breach hits. Start using a TAXII server before you’re left wondering what happened.</p><p>Make sure you know how to share you information. Download this complimentary whitepaper and learn best practices for information sharing, the standards for the exchange of information and the obstacles that may arise.</p><p><span class="hs-cta-wrapper" id="hs-cta-wrapper-bf271459-62f1-402a-848f-8053e3969477"><span class="hs-cta-node hs-cta-bf271459-62f1-402a-848f-8053e3969477" data-hs-drop="true" id="hs-cta-bf271459-62f1-402a-848f-8053e3969477" style="visibility: visible; display: block; text-align: center;"><a class="cta_button" cta_dest_link="{page_3453}" href="https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/c/?cta_guid=18fe26c8-b204-4974-b043-7029208f22e1&amp;placement_guid=bf271459-62f1-402a-848f-8053e3969477&amp;portal_id=458120&amp;redirect_url=APefjpEu1zKuT6b2ATxA7lkdev4wf9_u2Att9sHfwu3y0kssaScecg7h0cx2E4ORQNaSoH2uiF5ptOPauMrCL7HJ4GJQWANlElFSGhrB665do1pjHDW0hudqyQkvuQWGgFVAk8fGv6eJvYKbRsltIn9JUY1L730JNNMtuJV36BiYVm66tuvoDxRw9X_RgIzPa2t7TDe1arPi3HHCh2mUB6UGrI9YDjCT8luvS5TDu9z-ffw43CqI3A5JlNFCbgYGIJr5DF3_vuOFWG9IYMUesaUvayD82aoePwWfCR_Hx1GmRSYwF2LOpjpXaSbavda2IdZzcJUS3HkKRFJsDOvNf6_jOTm3tjluXQ&amp;hsutk=2767d93d6471d657e0c9f660e4b58ef8&amp;utm_referrer=https%3A%2F%2Fblog.anomali.com%2Fanother-taxii-server-for-the-hospitality-industry&amp;canon=https%3A%2F%2Fblog.anomali.com%2Fanother-taxii-server-for-the-hospitality-industry&amp;pageId=4374013503&amp;__hstc=41179005.2767d93d6471d657e0c9f660e4b58ef8.1456736058655.1478822660171.1478831861868.179&amp;__hssc=41179005.18.1478831861868&amp;__hsfp=1335165674" id="cta_button_458120_18fe26c8-b204-4974-b043-7029208f22e1" style="margin: 20px auto;" target="_blank" title="Download Here">Download Here </a> </span> <script charset="utf-8" src="https://js.hscta.net/cta/current.js"></script> <script type="text/javascript">hbspt.cta.load(458120, 'bf271459-62f1-402a-848f-8053e3969477', {});</script> </span></p>

Get the Latest Anomali Updates and Cybersecurity News – Straight To Your Inbox

Become a subscriber to the Anomali Newsletter
Receive a monthly summary of our latest threat intelligence content, research, news, events, and more.