The High Technology industry has 35.5% and the Travel and Hospitality industry has 18.3% of organizations classified as 'Exceptional' in AppSec maturity.

Travel & Hospitality, Gambling, and Real Estate led the way with the highest combined rates of full and partial protection against bots.

Industries like hospitality resolve serious findings significantly faster than the financial services industry (61 days vs 20 days).

Healthcare’s median time to resolve serious pen test findings was 58 days. This ranks healthcare 10th of 13 industries. Hospitality led with 20 days.

The Construction, Hospitality, and Arts and Entertainment sectors reported their highest ever Q2 2025 ransomware attack volumes.

In one analysis, hospitality had 15% of vulnerable assets across cloud, APIs, and web applications.

In one analysis, hospitality had 15% of vulnerable assets across cloud, APIs, and web applications.

32% of hotel IT and security leaders say a significant increase in credit card transactions will increase their cybersecurity risk during the busy travel season.

66% of hotel IT and security executives expect a rise in attack frequency during the summer 2025 travel season.

66% of hotels are investing in VPNs.

26% of hotel IT and security leaders say an influx of seasonal employees unfamiliar with cyber policies and best practices increases risk.

Adoption of dark web monitoring among hotels is 26%.

40% of hotel IT and security leaders say outdated technology increases their cybersecurity risk.

Fewer than 50% of hotels have deployed advanced defenses like vulnerability scanning, automated data backups, or integrated ransomware protection.

12% of hotel IT and security leaders said an attack could lead to hotel closure.

50% of hotel IT and security executives expect an increase in attack severity during the summer 2025 travel season.

58% of hotels were targeted by five or more attacks during summer 2024.

4 in 10 executives (which is 40%) at hotels say that 16-25% of their total IT budget is devoted to cybersecurity.

42% of hotel IT and security executives say weaknesses in third-party systems like payment processors and booking platforms increase their cybersecurity risk.

Adoption of penetration testing among hotels is 28%.