Meet Hyatt Cyber Security and PCI Standards at the Same Time with VENZA


Effective January 1, 2019, Hyatt will begin enforcing their Cyber Security Standard for franchise owners and operators. This standard, based on the Center for Internet Security (CIS) Critical Security Control (CSC) v6.1 framework, will include a self-certification process that begins on February 4, 2019 and has a compliance date of March 1, 2019. 

Franchise requirements for the standard include 30 critical controls that must be implemented by each property. An additional 28 controls are recommended to increase the effectiveness of the cybersecurity program and align the franchise with Hyatt’s Security Risk Management Framework (SRMF). 

With years of hospitality expertise, VENZA can work with Hyatt properties to effectively map existing PCI DSS requirements with the Hyatt mandated standard and assist them with becoming compliant with both standards. Upon completing a security risk assessment as mandated by control 22.3, VENZA can help mitigate GAP’s with their wide range of services and products.  

VENZA provides*: 
Security Risk Assessments (22.3) 
Security Awareness Training (17.3) 
Anti-Virus (8.1) 
Logging/Monitoring (6.2) 
Backup/Recovery (10.1) 
Patch Management (18.1) 
Policy Templates (22.1) 

Other controls can be satisfied by other VENZA products/services, please contact us for details.  

*Includes but not limited to these services. Numbers reference CIS control ID’s from Cyber Security Standard Franchise document released by Hyatt.