Travel & Hospitality, Gambling, and Real Estate led the way with the highest combined rates of full and partial protection against bots.

Industries like hospitality resolve serious findings significantly faster than the financial services industry (61 days vs 20 days).

Healthcare’s median time to resolve serious pen test findings was 58 days. This ranks healthcare 10th of 13 industries. Hospitality led with 20 days.

The Construction, Hospitality, and Arts and Entertainment sectors reported their highest ever Q2 2025 ransomware attack volumes.

In one analysis, hospitality had 15% of vulnerable assets across cloud, APIs, and web applications.

In one analysis, hospitality had 15% of vulnerable assets across cloud, APIs, and web applications.

66% of hotel IT and security executives expect a rise in attack frequency during the summer 2025 travel season.

4 in 10 executives (which is 40%) at hotels say that 16-25% of their total IT budget is devoted to cybersecurity.

Fewer than 50% of hotels have deployed advanced defenses like vulnerability scanning, automated data backups, or integrated ransomware protection.

Adoption of dark web monitoring among hotels is 26%.

58% of hotels were targeted by five or more attacks during summer 2024.

26% of hotel IT and security leaders say an influx of seasonal employees unfamiliar with cyber policies and best practices increases risk.

66% of hotels are investing in VPNs.

12% of hotel IT and security leaders said an attack could lead to hotel closure.

50% of hotel IT and security executives expect an increase in attack severity during the summer 2025 travel season.

32% of hotel IT and security leaders say a significant increase in credit card transactions will increase their cybersecurity risk during the busy travel season.

40% of hotel IT and security leaders say outdated technology increases their cybersecurity risk.

42% of hotel IT and security executives say weaknesses in third-party systems like payment processors and booking platforms increase their cybersecurity risk.

Adoption of penetration testing among hotels is 28%.

30% of hotels do not have plans to outsource to a managed security service provider (MSSP)