Director of Information Security and Privacy at Sonesta International Hotels Corporation
Since 2020, Sonesta International Hotels Corporation (Sonesta) has grown by 350%. Starting out as 16 hotels, Sonesta now has more than 1,200 hotels in its roster and continues to grow. “The guest experience is the number one goal,” says Michael L. Woodson, Director of Information Security and Privacy at Sonesta.
As Director of Information Security and Privacy at Sonesta, Woodson leads the organisation’s cybersecurity practices. “From a holistic cybersecurity perspective, I have a lot of experience in a variety of industries, including in pharmaceutical, banking, manufacturing, manufacturing, wholesale, and utilities and gas,” says Woodson.
“In hospitality, I have consulted with many leading organisations on incident response, threat identity, and asset management. When this opportunity came up at Sonesta, I had been working to take the organisation from one with a limited security landscape to one that has a fully operational security function that is both sustainable for the business and aligns with its objectives.”
For Woodson, cybersecurity in the hospitality industry has become his passion. “It’s what makes me get out of bed everyday,” he says.
Woodson is inspired by developing proactive approaches to cybersecurity, looking at the function from a holistic approach, ensuring it aligns with the business and supports its needs. “This industry is very adventurous; it is an evolving landscape – which is what I like about it.”
So far in his career, Woodson’s proudest achievement has been making organisations aware of security risks and the value in technology. “One particular achievement has been my public/private partnership with Microsoft to develop a technology called ‘Catch Child Exploitation Tracking System’, a solution to track and mitigate crimes of human trafficking and child exploitation.”
The next 12 to 18 months for Sonesta
In the upcoming months, Woodson is committed to growing the organisation. “I’ve been in the digital equipment industry for more than 30 years. As a Director, you never know what tomorrow will bring, but I try to see cracks before they become holes, and my job is to prevent them from becoming craters. The next 12 to 18 months will continue to be dedicated to the development of our security programme and the mitigation of threats and risks,” says Woodson.
“Partners will be key to this going forward, as we adopt things like platform computing infrastructure as a service and various cloud technologies, vendor management relationships will be very important. Third-party risk is going to be a key attribute that the industry will need to manage better – as well as fourth- and fifth-party risk – as these dependencies can indirectly affect your security.”
Another key trend to keep an eye on will be prevention methods, as “awareness of the human aspect of security will play a major role.”
“It will be important to make sure that, with a growing remote and hybrid workforce, organisations start to look at their threat landscape differently. With these new ways of working, the perimeter is no longer confined to the walls of your building – workers can now be anywhere. It will be important for organisations to have visibility, as well as the ability to discover, build, understand and utilise what is coming onto the network and how they are using the data.”
Read the full story HERE.
With this greater interconnectivity of machines comes greater exposure to risk, so we have to make sure that we protect these newly formed connections.