4 in 10 executives (which is 40%) at hotels say that 16-25% of their total IT budget is devoted to cybersecurity.

Deep nudes services offer free trials or limited free plans, with paid versions being relatively affordable, with subscriptions ranging from just $9.99 to $22 per month.

80% of organizations with low visibility of their software supply chain view critical factors like custom code, commercial off-the-shelf software, and API integrations as "very risky" or "somewhat risky".

40% of hotel IT and security leaders say outdated technology increases their cybersecurity risk.

Among critical sector organisations at Level 4 maturity, 65% reported zero intrusions in the past year.

Fewer than 50% of hotels have deployed advanced defenses like vulnerability scanning, automated data backups, or integrated ransomware protection.

About half (49%) of companies say they lack the visibility to fully understand – or even identify – software supply chain risks.

12% of hotel IT and security leaders said an attack could lead to hotel closure.

50% of hotel IT and security executives expect an increase in attack severity during the summer 2025 travel season.

Despite high investment in enhanced software supply chain security, Europe ranks lowest at 23% in prioritizing engaging with software suppliers about security credentials

72% of hotels are investing in next-gen antivirus, anti-malware, and anti-spam.

In Latin America, 50% say they are prepared for software supply chain attacks.

Top hotel attack methods include data breaches exposing sensitive guest PII (46%), phishing attacks (40%), and guest Wi-Fi network compromise or misuse (38%).

26% of hotel IT and security leaders report limited in-house cybersecurity expertise.

26% of hotel IT and security leaders say an influx of seasonal employees unfamiliar with cyber policies and best practices increases risk.

In 2025, more than half (52%) of organisations in the critical sector report that the CISO or CSO is now directly responsible for OT security. This represents a dramatic rise from just 16% in 2022 regarding CISO/CSO responsibility for OT security.

The most likely business impacts of a cyberattack on a hotel include reputational damage from negative reviews (66%), financial losses (46%), lawsuits (42%), lower occupancy (32%), and higher insurance premiums (30%).

30% of hotels do not have plans to outsource to a managed security service provider (MSSP)

Manufacturing accounted for 17% of all targeted attacks, more than any other sector, according to Fortinet’s 2025 Global Threat Landscape Report.

39% of CEOs say AI adoption presents a greater risk to the software supply chain.