Recently Derek Hanson, vice president and product evangelist at Yubico, spoke with Paul Malcomb, cyber threat intelligence analyst and engagement lead at Retail and Hospitality ISAC (RH-ISAC), on their podcast. Derek shared insight on how passwordless authentication using FIDO and phishing-resistant MFA can help retail and hospitality organizations accomplish business goals such as ensuring strong security while enhancing the customer experience. Their conversation highlights important security topics the retail and hospitality industry faces today, including tips and best practices for staying secure as we continue seeing an increase in sophisticated attacks like phishing, smishing and ransomware. 

Check out their discussion here as they dive into the topic in detail at the link below, which starts at 14:48. 

As highlighted in the conversation, cyberattacks are commonplace around the globe and retail and hospitality sectors are among the top three most compromised industries: 

In June 2022, Marriott International reported a social engineering attack, the third attack on the brand in four years; A 7-Eleven in Denmark recently had a store shutdown that made checkouts and payment systems inoperable; Holiday Inn owner, Intercontinental Hotels Group (IHG) recently had their booking channels and other applications disrupted; and In 2021, a ransomware attack on Nordic Choice Hotels paralyzed most of its systems, including digital room key cards, and exposed employee data to the dark web. 

What makes these industries vulnerable?

The high availability of both payment card information (PCI) and other sensitive personal information makes these organizations a lucrative target for cyber attacks including phishing, malware, SIM swaps, and man-in-the-middle (MiTM) attacks. To protect against evolving cyber threats, modern authentication should be a first-line defense of any cybersecurity strategy to secure shared devices, protect sensitive data, and prevent account takeovers. 

Adoption of modern MFA as the bridge to passwordless authentication

Ultimately, the actions of users are the biggest weakness in legacy or basic MFA such as username and passwords, SMS and mobile-based authentication – which are all vulnerable to cyberattacks. The global best practice is to utilize modern phishing-resistant MFA like  a YubiKey, which is a hardware security key that leverages modern, secure authentication protocols like FIDO2 and Webauthn.

YubiKeys prevent phishing and other modern threat vectors and set organizations up to eventually move to passwordless authentication—authentication that does not require the user to provide a password at login at all. Eliminating passwords altogether accrues many benefits to the organization including enhanced security, operational efficiency, fewer calls to the help desk, and less downtime for users. 

In addition to security, the user experience that modern authentication solutions provide is critical for the retail and hospitality industry which is so consumer and customer-facing. Quick and trusted authentication by employees at retail point-of-sale systems, or hotel registration desks and many other scenarios delivers a seamless experience for guests and staff alike. 

Interested to learn more about what Yubico is doing in retail and hospitality?

Join us at the RH-ISAC Cyber Intelligence Summit from September 20-21, 2022 in Plano, Texas, where we’ll be to answer all questions regarding the use of security keys in the retail and hospitality industry.

During the event on Tuesday September 20 at 11:15am CDT, Jerrod Chong, Chief Solutions Officer at Yubico, will be speaking with Art Chernobrov, Director of Identity, Access and Endpoints, from Hyatt Hotel Corporation to discuss how Hyatt is driving innovation and exceptional customer experiences by modernizing their cybersecurity practices by moving to passwordless authentication. More information on the session can be found here.

Register with Yubico’s code for the RH-ISAC Cyber Intelligence Summit here (automatically applied), which grants any non-members of the RH-ISAC with free admission to this year’s event. We’re excited to see everyone at the show!

The post Thoughts on modern cybersecurity for retail and hospitality in advance of RH-ISAC’s Cyber Intelligence Summit appeared first on Yubico.


VaultumCity is the best trusted place to select and buy your best Yubikeys, Vaultumcity free ship all yubikeys, Vaultumcity is reseller distributor of yubikeys so you can find cheapest best yubikey in Vaultumcity. If you are looking for best Yubikeys in Singapore at VaultumCity website online store.

The shop that sells yubikeys is

Our delivers are from Singapore, distribute globally. Buying Yubikey in Vaultum to have best customer and after sales services. All Yubikeys sold at Vaultumcity are quality guaranteed. Please place a large amount order to have great discount for reseller. Contact Vaultumcity at whenever you have any issue with your yubikeys. Buying yubikeys at Vaultumcity to have best newest yubikeys free shipped to your door, FIDO2 U2F SECURITY KEY C NFC, FIDO2 U2F SECURITY KEY NFC, YubiKey 5 Nano, YUBIKEY 5 NFC, YubiKey 5C, YubiKey 5C nano, YubiKey 5C NFC, YUBIKEY 5Ci, YubiKey Bio – FIDO Edition. Yubikeys are best most secure tools for two-factor authentication. You can also buy yubikeys form Malaysia, Yubikey Malaysia is being sold at Vaultumcity with great price and free ship, you have it fastest, just in few days because we’re here in Singapore.

If you are looking for yubikeys in Indonesia, Vaultumcity is a great place to buy yubikey Indonesia, you can have yubikeys to protect your logins in just few days. Vaultumcity ship your yubikeys to your home in Thailand, to help ensure your data is safe and secured.

What about South Korea, Vaultumcity bring your yubikeys to your home in South Korea free-shipped.

Vaultumcity also delivers yubikeys to Japan, any province or city to your hands. Check out and grab your best suited yubikey today at VaultumCity.