Crisis Management at Marriott: A Case Study on Data Breach
VerifiedAdded on 2023/02/01
|11
|3265
|64
AI Summary
This study examines the crisis management response of Marriott to a data breach crisis, including business continuity and communication efforts. Learn from this case study on crisis management.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Business Continuity Management
i
i
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Executive Summary
Crisis is an event that can cause sudden upheaval in smooth flow of an organisation’s work.
Such a crisis occurred at Marriott group of hotels whom a cyber criminal hacked private data
of more than 500 million guest staying at its Starwood subsidiary. The aim of this study is to
understand the concept of crisis management in terms of response of Marriott to this crisis.
At the onset the study tries to understand the meaning of crisis and crisis management. The
study also tries to throw light on the details of the data breech crisis at Marriott. Further, the
study tries to understand the manner in which the firm handled this crisis. It was found that
the firm tried to help out the affected customers through a website.
In continuation, the study elaborated upon the business continuity provisions adopted by
Marriott like risk assessment and business continuity planning. Further, crisis management
provisions like making a crisis management plan and communication methods were also
assessed. Lastly, the manner in which Marriott communicated the crisis situation to the
stakeholders was brought to light.
ii
Crisis is an event that can cause sudden upheaval in smooth flow of an organisation’s work.
Such a crisis occurred at Marriott group of hotels whom a cyber criminal hacked private data
of more than 500 million guest staying at its Starwood subsidiary. The aim of this study is to
understand the concept of crisis management in terms of response of Marriott to this crisis.
At the onset the study tries to understand the meaning of crisis and crisis management. The
study also tries to throw light on the details of the data breech crisis at Marriott. Further, the
study tries to understand the manner in which the firm handled this crisis. It was found that
the firm tried to help out the affected customers through a website.
In continuation, the study elaborated upon the business continuity provisions adopted by
Marriott like risk assessment and business continuity planning. Further, crisis management
provisions like making a crisis management plan and communication methods were also
assessed. Lastly, the manner in which Marriott communicated the crisis situation to the
stakeholders was brought to light.
ii
Contents
Executive Summary...................................................................................................................ii
Introduction...............................................................................................................................iv
Marriott Hotel – Data Breach Crises.........................................................................................iv
Manner in which Company Handled the Crises.......................................................................iv
Business Continuity management provisions............................................................................v
Crisis management provisions..................................................................................................vi
Crisis Communication efforts..................................................................................................vii
Recommendations for Improvement......................................................................................viii
Conclusion..............................................................................................................................viii
References.................................................................................................................................ix
iii
Executive Summary...................................................................................................................ii
Introduction...............................................................................................................................iv
Marriott Hotel – Data Breach Crises.........................................................................................iv
Manner in which Company Handled the Crises.......................................................................iv
Business Continuity management provisions............................................................................v
Crisis management provisions..................................................................................................vi
Crisis Communication efforts..................................................................................................vii
Recommendations for Improvement......................................................................................viii
Conclusion..............................................................................................................................viii
References.................................................................................................................................ix
iii
Introduction
Crisis is any unplanned or unforeseen negative situation that suddenly occurs in a business
organisation, leading to chaos and instability in the business environment (Van Der Vegt, et
al., 2015). Crisis in a business situation can be any event or a series of events which threaten
the goodwill, functioning and even survival of an organisation (Bundy, et al., 2017). Any
organisation, big or small, may be hit by a crisis. Therefore, firms make crisis management
strategies and risk assessment to minimise and mitigate crisis (Coombs, 2013). However, as
crisis is an unforeseen event it cannot be ruled out completely. Business continuity
management is a framework through which a firm can identify risks of exposure to internal
and external threats (Estall, 2012). This helps the firm in risk avoidance as well as post crisis
management.
Marriott Hotel – Data Breach Crises
Marriott international is an American multinational hospitality company having hotels all
around the globe. The organisation has 7000 properties in 30 countries (Marriott, 2019).
However, crisis can strike an organisation irrespective of its popularity, size or reputation.
One of the subsidiaries of Marriott, Starwood hotels used to collect personal information of
the guests staying in their premises. This information included details like credit card
information, addresses, phone numbers and passport numbers (Perlroth, et al., 2018) In
November 2018 Marriott hotels revealed that it has become the victim of a cyber attack on its
Starwood reservation system (Hern, 2018). This resulted in Hackers steeling information of
500 million guests. This was one of the largest data breaches in history due to cyber-attack
(Perlroth, et al., 2018). The attack brought to light the vulnerability of computer systems of
organisations across the globe.
Manner in which Company Handled the Crises
A successful crisis management strategy involves steps taken to handle the crisis. This
includes the steps taken to avoid the crisis before the crisis had occurred (Hacioğlu, 2018).
Crisis management strategy involves projection of the future based on continuous monitoring
of internal and external environment of the organisation.
Cyber-attacks are not new in business world (Shackelford, 2014). Previous massive data
breach of Yahoo had made the business world aware and alert about hackers and cyborg
attacks (Shackelford, 2014). As a preventative measure Marriott had techniques like data
encryption and password protection along with continuous monitoring of the data base
(Marriott, 2019). However, technology has enabled hackers hack even the most secured data.
Therefore, the crisis occurred.
As a response to the crisis the hotel group took the following measures-
The firm created a dedicated phone line and a website for the customers affected by the
breach (Forbes, 2019). The customers could confirm on this website whether their data has
been compromised or not.
iv
Crisis is any unplanned or unforeseen negative situation that suddenly occurs in a business
organisation, leading to chaos and instability in the business environment (Van Der Vegt, et
al., 2015). Crisis in a business situation can be any event or a series of events which threaten
the goodwill, functioning and even survival of an organisation (Bundy, et al., 2017). Any
organisation, big or small, may be hit by a crisis. Therefore, firms make crisis management
strategies and risk assessment to minimise and mitigate crisis (Coombs, 2013). However, as
crisis is an unforeseen event it cannot be ruled out completely. Business continuity
management is a framework through which a firm can identify risks of exposure to internal
and external threats (Estall, 2012). This helps the firm in risk avoidance as well as post crisis
management.
Marriott Hotel – Data Breach Crises
Marriott international is an American multinational hospitality company having hotels all
around the globe. The organisation has 7000 properties in 30 countries (Marriott, 2019).
However, crisis can strike an organisation irrespective of its popularity, size or reputation.
One of the subsidiaries of Marriott, Starwood hotels used to collect personal information of
the guests staying in their premises. This information included details like credit card
information, addresses, phone numbers and passport numbers (Perlroth, et al., 2018) In
November 2018 Marriott hotels revealed that it has become the victim of a cyber attack on its
Starwood reservation system (Hern, 2018). This resulted in Hackers steeling information of
500 million guests. This was one of the largest data breaches in history due to cyber-attack
(Perlroth, et al., 2018). The attack brought to light the vulnerability of computer systems of
organisations across the globe.
Manner in which Company Handled the Crises
A successful crisis management strategy involves steps taken to handle the crisis. This
includes the steps taken to avoid the crisis before the crisis had occurred (Hacioğlu, 2018).
Crisis management strategy involves projection of the future based on continuous monitoring
of internal and external environment of the organisation.
Cyber-attacks are not new in business world (Shackelford, 2014). Previous massive data
breach of Yahoo had made the business world aware and alert about hackers and cyborg
attacks (Shackelford, 2014). As a preventative measure Marriott had techniques like data
encryption and password protection along with continuous monitoring of the data base
(Marriott, 2019). However, technology has enabled hackers hack even the most secured data.
Therefore, the crisis occurred.
As a response to the crisis the hotel group took the following measures-
The firm created a dedicated phone line and a website for the customers affected by the
breach (Forbes, 2019). The customers could confirm on this website whether their data has
been compromised or not.
iv
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
A Micro site was also created where Marriott Starwood customers could find more details
about the breach (HighNetSecurity, 2019). Additionally, guidance was provided regarding
actions they could take. Further, the firm promised to cover full year cost of website
monitoring for those affected.
However, the actions taken weren’t satisfactory according to the media reports (Forbes,
2019). The firm tried to distance its flagship brand from the crisis stating the issue was
cantered to Starwood, its sub brand (Forbes, 2019) They did not focus on what went wrong.
In addition to the corrective measures, Marriott has also taken further protective steps to
avoid such a data breech in future (Marriott, 2019). They have put in place more stringent
data protection guidelines and severe data monitoring systems to avoid the crisis in the future.
Business Continuity management provisions
Business continuity management is a process under which an organisation tries to expose
external and internal threats in a planned manner (Reuter, 2015). The firm also assesses
various internal and external risks under this process. A business continuity plan focuses on
continuation of critical operations during or post a crisis (Snedaker, 2011). Therefore, in this
process, the focus is on effective planning so that critical operations do not cease to function
during a crisis.
Marriott hotel had various provisions for business continuity in the wake of a disaster or
crisis (Marriott, 2019). After the data breech the firm has put in place various provisions for
managing business continuity. In a statement the firm has promised the customers that in
future stringent data protection measures will be put in place so that no such incident takes
place (Marriott, 2019). Therefore, the firm has tried to make sure that customers continue to
visit the hotel and critical operations are not hindered.
Steps in business continuity management undertaken by Marriott
Risk Assessment- risk assessment is an evaluation of safety in all process in the working
environment of a business organisation (Hacioğlu, 2018). This includes risk assessment of
health and safety of staff and customers, assessment of risk from equipment and risk of cyber
breach.
Cyber risk assessment has been a part of Marriott’s continuity planning provisions. However,
post the data breech the firm has become more stringent in the cyber risk assessment (Forbes,
2019). Marriott has made provisions to assess relevant data breech risks like hacking and
phishing (Marriott, 2019). The firm has also tried to assess the vulnerability of the data
systems to threats and has made provisions to upgrade cyber security (HighNetSecurity,
2019). More sophisticated data encryption software have been put in place to avoid such a
data breech in future. The firm has also put in place a monitoring system to periodically
monitor chances of exploitation of the cyber management (HighNetSecurity, 2019). The firm
has implemented the system of periodically changing data passwords to avoid any breech in
future. These steps are made to ensure continuity in the critical operations like serving the
customers on a continuous base.
v
about the breach (HighNetSecurity, 2019). Additionally, guidance was provided regarding
actions they could take. Further, the firm promised to cover full year cost of website
monitoring for those affected.
However, the actions taken weren’t satisfactory according to the media reports (Forbes,
2019). The firm tried to distance its flagship brand from the crisis stating the issue was
cantered to Starwood, its sub brand (Forbes, 2019) They did not focus on what went wrong.
In addition to the corrective measures, Marriott has also taken further protective steps to
avoid such a data breech in future (Marriott, 2019). They have put in place more stringent
data protection guidelines and severe data monitoring systems to avoid the crisis in the future.
Business Continuity management provisions
Business continuity management is a process under which an organisation tries to expose
external and internal threats in a planned manner (Reuter, 2015). The firm also assesses
various internal and external risks under this process. A business continuity plan focuses on
continuation of critical operations during or post a crisis (Snedaker, 2011). Therefore, in this
process, the focus is on effective planning so that critical operations do not cease to function
during a crisis.
Marriott hotel had various provisions for business continuity in the wake of a disaster or
crisis (Marriott, 2019). After the data breech the firm has put in place various provisions for
managing business continuity. In a statement the firm has promised the customers that in
future stringent data protection measures will be put in place so that no such incident takes
place (Marriott, 2019). Therefore, the firm has tried to make sure that customers continue to
visit the hotel and critical operations are not hindered.
Steps in business continuity management undertaken by Marriott
Risk Assessment- risk assessment is an evaluation of safety in all process in the working
environment of a business organisation (Hacioğlu, 2018). This includes risk assessment of
health and safety of staff and customers, assessment of risk from equipment and risk of cyber
breach.
Cyber risk assessment has been a part of Marriott’s continuity planning provisions. However,
post the data breech the firm has become more stringent in the cyber risk assessment (Forbes,
2019). Marriott has made provisions to assess relevant data breech risks like hacking and
phishing (Marriott, 2019). The firm has also tried to assess the vulnerability of the data
systems to threats and has made provisions to upgrade cyber security (HighNetSecurity,
2019). More sophisticated data encryption software have been put in place to avoid such a
data breech in future. The firm has also put in place a monitoring system to periodically
monitor chances of exploitation of the cyber management (HighNetSecurity, 2019). The firm
has implemented the system of periodically changing data passwords to avoid any breech in
future. These steps are made to ensure continuity in the critical operations like serving the
customers on a continuous base.
v
Business impact assessment- under this step the impact of the crisis on the business is
assessed (Estall, 2012). Marriott has established written and detailed business flows for
various risks including cyber risk so that recovery from a dictator can be started immediately
(Hern, 2018). Marriott has set up a committee to assess damage to goodwill and reputation of
the company including plans to salvage the lost reputation.
Making business continuity plan- after creating risk assessment and business impact
assessment a business continuity plan is made so that the organisation can continue its
operation even during a crises and after the crises is resolved (Estall, 2012). Marriott has
created division and site level plans to avoid and combat with cyber security issues (Forbes,
2019). This will help in faster damage control. The business continuity plan includes
assessment of all risky network systems, ways in which these risks can be removed and
monitoring process
Implementation of plan- At the implementation stage copies of plan of action are distributed
to all stakeholders (Estall, 2012). All division and department heads have been briefed about
the continuity plan and monitoring and evaluation process (Marriott, 2019). Training sessions
have also been implemented so that all employees can learn ways of avoidance of cyber risks
Plan testing and maintained- Any plan can only be successful if it is tested, evaluated and
maintained for a long-term feasibility (Estall, 2012). To achieve this Marriott has made
provisions for simulations on cyber-attacks to test the security plans (Hern, 2018). The
effectiveness of cyber security will be reviewed twice a year so that any suspicious activity
can be noticed at an early stage.
Therefore, business continuity provisions like risk assessment, customer assurance and
review and maintenance of systems have been adopted by Marriott so that business
operations don’t cease during a crisis.
Crisis management provisions
Crisis management is a process which enables a firm to deal with an unforeseen even which
disrupts its smooth functioning (Hacioğlu, 2018). Marriott hotel data breech resulted in
massive customer and media backlash which affected the firm’s business and goodwill (Hern,
2018). During and after the data breech, Marriott group made the following provisions for
crisis management
Anticipation- The first step in crisis management is to anticipate the impact (Bundy, et al.,
2017). There was a top management meeting immediately to ascertain the impact of the
damage and to reduce fear and panic among employees and customers (HighNetSecurity,
2019).
Making a crisis management plan- The next step for an organisation during a crisis is to
make a plan for handling the crisis (Hacioğlu, 2018). The top management decided to give
full details of the breech in public. They reiterated that they stood by the guests and tried to
help the customers in taking corrective measures wherever possible through a help desk and a
website (Marriott, 2019)
vi
assessed (Estall, 2012). Marriott has established written and detailed business flows for
various risks including cyber risk so that recovery from a dictator can be started immediately
(Hern, 2018). Marriott has set up a committee to assess damage to goodwill and reputation of
the company including plans to salvage the lost reputation.
Making business continuity plan- after creating risk assessment and business impact
assessment a business continuity plan is made so that the organisation can continue its
operation even during a crises and after the crises is resolved (Estall, 2012). Marriott has
created division and site level plans to avoid and combat with cyber security issues (Forbes,
2019). This will help in faster damage control. The business continuity plan includes
assessment of all risky network systems, ways in which these risks can be removed and
monitoring process
Implementation of plan- At the implementation stage copies of plan of action are distributed
to all stakeholders (Estall, 2012). All division and department heads have been briefed about
the continuity plan and monitoring and evaluation process (Marriott, 2019). Training sessions
have also been implemented so that all employees can learn ways of avoidance of cyber risks
Plan testing and maintained- Any plan can only be successful if it is tested, evaluated and
maintained for a long-term feasibility (Estall, 2012). To achieve this Marriott has made
provisions for simulations on cyber-attacks to test the security plans (Hern, 2018). The
effectiveness of cyber security will be reviewed twice a year so that any suspicious activity
can be noticed at an early stage.
Therefore, business continuity provisions like risk assessment, customer assurance and
review and maintenance of systems have been adopted by Marriott so that business
operations don’t cease during a crisis.
Crisis management provisions
Crisis management is a process which enables a firm to deal with an unforeseen even which
disrupts its smooth functioning (Hacioğlu, 2018). Marriott hotel data breech resulted in
massive customer and media backlash which affected the firm’s business and goodwill (Hern,
2018). During and after the data breech, Marriott group made the following provisions for
crisis management
Anticipation- The first step in crisis management is to anticipate the impact (Bundy, et al.,
2017). There was a top management meeting immediately to ascertain the impact of the
damage and to reduce fear and panic among employees and customers (HighNetSecurity,
2019).
Making a crisis management plan- The next step for an organisation during a crisis is to
make a plan for handling the crisis (Hacioğlu, 2018). The top management decided to give
full details of the breech in public. They reiterated that they stood by the guests and tried to
help the customers in taking corrective measures wherever possible through a help desk and a
website (Marriott, 2019)
vi
Creating a crisis management team- This helps in giving the right information to the
stakeholder like the media, employees, customers and investors (Shackelford, 2014). If the
organisation does not create a communication team the rumours can have a bigger impact on
business (Hacioğlu, 2018). Therefore, Marriott created a communication team comprising of
the CEO and top management who gave accurate information through media and various
help-desks (HighNetSecurity, 2019). However, the hotel did not take full responsibility for
the matter and was seen as hedging the issue by pushing the blame on its sub brand;
Starwood.
Post crisis analysis- After a crisis it is very important to underrated what went wrong and
what are the points on which improvement is required (Bundy, et al., 2017). Additionally,
crisis analysis needs to be done to ascertain the failures and successes of crisis management
process (Crandall, et al., 2013). In case of Marriott data breech, the damage was big and
beyond repair. Therefore, analysis needed to done on how it could be avoided in the future
(Kaplan, 2015). A committee was formed to ascertain the cyber security risks based on which
better data encryption modules were put in place to secure customer data (HighNetSecurity,
2019). Better monitoring and evaluation systems were also put in place to avoid such an
occurrence in the future
Therefore, Marriott’s crisis management process had good analysis and prompt actions but
the firm should have done more in terms of helping the affected customers.
Crisis Communication efforts
As business organisations grow, they also become susceptible to the vulnerability of large-
scale system management (Crandall, et al., 2013). In case of Marriott data breach, the hotel
group was targeted by the hackers because of easy accessibility to privileged clientele of
Marriott (Shackelford, 2014). Such crisis situations are unforeseen but firms need to be
prepared to handle them. This can be done through proper crisis management planning. In
addition to crisis management planning it is also important to communicate well with
stakeholders; before, during and after a crisis (Shackelford, 2014). This leads to lessening of
chaos and panic along with reduction of fear in the mind of the stakeholders
In case of Marriott data breech, the announcement of the crisis in the paper caused a storm in
the media (Perlroth, et al., 2018). Many previous guests started panicking and fear among
people started having a direct impact on the goodwill and the reputation of the company.
Therefore, it was very important to create a clear communication channel which could give
correct information to the stakeholders and reduce fear and panic.
Following efforts were made by the company towards communication
Assessment of the crisis situation- It is very important to assess the nature and magnanimity
of a crisis before reacting (Crandall, et al., 2013). Without taking adequate information the
firm can run the risk of miscommunication (Coombs, 2013). Therefore, a brainstorming
session was undertaken with the concerned employees and top-level management and the
entire issue was communicated to the relevant department. They were also told to evaluate
the cause and apply further safeguards to stop the data breech in future.
vii
stakeholder like the media, employees, customers and investors (Shackelford, 2014). If the
organisation does not create a communication team the rumours can have a bigger impact on
business (Hacioğlu, 2018). Therefore, Marriott created a communication team comprising of
the CEO and top management who gave accurate information through media and various
help-desks (HighNetSecurity, 2019). However, the hotel did not take full responsibility for
the matter and was seen as hedging the issue by pushing the blame on its sub brand;
Starwood.
Post crisis analysis- After a crisis it is very important to underrated what went wrong and
what are the points on which improvement is required (Bundy, et al., 2017). Additionally,
crisis analysis needs to be done to ascertain the failures and successes of crisis management
process (Crandall, et al., 2013). In case of Marriott data breech, the damage was big and
beyond repair. Therefore, analysis needed to done on how it could be avoided in the future
(Kaplan, 2015). A committee was formed to ascertain the cyber security risks based on which
better data encryption modules were put in place to secure customer data (HighNetSecurity,
2019). Better monitoring and evaluation systems were also put in place to avoid such an
occurrence in the future
Therefore, Marriott’s crisis management process had good analysis and prompt actions but
the firm should have done more in terms of helping the affected customers.
Crisis Communication efforts
As business organisations grow, they also become susceptible to the vulnerability of large-
scale system management (Crandall, et al., 2013). In case of Marriott data breach, the hotel
group was targeted by the hackers because of easy accessibility to privileged clientele of
Marriott (Shackelford, 2014). Such crisis situations are unforeseen but firms need to be
prepared to handle them. This can be done through proper crisis management planning. In
addition to crisis management planning it is also important to communicate well with
stakeholders; before, during and after a crisis (Shackelford, 2014). This leads to lessening of
chaos and panic along with reduction of fear in the mind of the stakeholders
In case of Marriott data breech, the announcement of the crisis in the paper caused a storm in
the media (Perlroth, et al., 2018). Many previous guests started panicking and fear among
people started having a direct impact on the goodwill and the reputation of the company.
Therefore, it was very important to create a clear communication channel which could give
correct information to the stakeholders and reduce fear and panic.
Following efforts were made by the company towards communication
Assessment of the crisis situation- It is very important to assess the nature and magnanimity
of a crisis before reacting (Crandall, et al., 2013). Without taking adequate information the
firm can run the risk of miscommunication (Coombs, 2013). Therefore, a brainstorming
session was undertaken with the concerned employees and top-level management and the
entire issue was communicated to the relevant department. They were also told to evaluate
the cause and apply further safeguards to stop the data breech in future.
vii
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Creation and relay of message to stakeholders- It is very important to provide correct
information to all the stakeholders (Coombs, 2013). In absence of this chaos can prevail.
Marriott issued a statement pertaining to the breach which gave out the details of exact nature
of the breach (Perlroth, et al., 2018)
Communication on corrective actions- It is very important to communicate whatever
corrective actions the firm intends to take because this will help in salvaging the goodwill of
the company (Coombs, 2013). Marriott introduced a helpline and website for affected clients
along with guidelines for corrective actions (Marriott, 2019) . They also assured the
customers of stricter data protection measures in future.
Therefore, communicating accurate information to stakeholders during crisis helps in
reducing chaos and fear.
Recommendations for Improvement
Marriott hotel tried all the ways it saw fit to handle the crisis. However, following are some
suggestions through which they could improve their crisis response
The firm should have used more regret and apologetic language for the consumers
The firm should have taken direct responsibility instead of passing it on to Starwood
The firm should come out in the open regarding all the legal actions that it has taken
The firm should purchase encrypted software for data protection in the future
The IT department should be trained to detect data breech at an earlier stage.
Conclusion
Effective crisis and business continuity management can help an organisation in reducing the
damage done by the crisis situation. Through an adequate crisis management policy, the firm
can even emerge stronger and better equipped in handling the crisis in future. The data breech
crisis must have made Marriott a more knowledgeable company in terms of cyber security
and given it important lessons for such a crisis in the future.
viii
information to all the stakeholders (Coombs, 2013). In absence of this chaos can prevail.
Marriott issued a statement pertaining to the breach which gave out the details of exact nature
of the breach (Perlroth, et al., 2018)
Communication on corrective actions- It is very important to communicate whatever
corrective actions the firm intends to take because this will help in salvaging the goodwill of
the company (Coombs, 2013). Marriott introduced a helpline and website for affected clients
along with guidelines for corrective actions (Marriott, 2019) . They also assured the
customers of stricter data protection measures in future.
Therefore, communicating accurate information to stakeholders during crisis helps in
reducing chaos and fear.
Recommendations for Improvement
Marriott hotel tried all the ways it saw fit to handle the crisis. However, following are some
suggestions through which they could improve their crisis response
The firm should have used more regret and apologetic language for the consumers
The firm should have taken direct responsibility instead of passing it on to Starwood
The firm should come out in the open regarding all the legal actions that it has taken
The firm should purchase encrypted software for data protection in the future
The IT department should be trained to detect data breech at an earlier stage.
Conclusion
Effective crisis and business continuity management can help an organisation in reducing the
damage done by the crisis situation. Through an adequate crisis management policy, the firm
can even emerge stronger and better equipped in handling the crisis in future. The data breech
crisis must have made Marriott a more knowledgeable company in terms of cyber security
and given it important lessons for such a crisis in the future.
viii
References
Bundy, J. P. M., Short, C. & Coombs, W., 2017. Crises and crisis management: Integration,
interpretation, and research development. Journal of Management, 46(6), pp. 1661-1692.
Coombs, T., 2013. Applied Crisis Communication and Crisis Management: Cases and
Exercises. London: Sage.
Crandall, W., Parnell, J. A. & Spillan, J. E., 2013. Crisis Management. London: Sage.
Estall, H., 2012. Business Continuity Management Systems: Implementation and
Certification to ISO 2230. Swindon: BCS, The Chartered Institute.
Forbes, 2019. Marriottt Breach Exposes Far More Than Just Data. [Online]
Available at: https://www.forbes.com/sites/davidvolodzko/2018/12/04/Marriottt-breach-
exposes-far-more-than-just-data/#345bf4e26297
[Accessed 28 April 2019].
Hacioğlu, .. Ü., 2018. Global Business Strategies in Crisis: Strategic Thinking and
Developmen. Munich: Springer.
Hern, A., 2018. Marriottt hotels: data of 500m guests may have been exposed | World .... The
Guardian, 30 Nov.
HighNetSecurity, 2019. Marriottt CEO reveals more details about the massive data breach.
[Online]
Available at: https://www.helpnetsecurity.com/2019/03/12/Marriottt-data-breach-details/
[Accessed 28 April 2019].
Kaplan, J. M., 2015. Beyond Cybersecurity: Protecting Your Digital Business. New Jerse:
John Wiley & Sons.
Marriott, 2019. About Us. [Online]
Available at: https://www.Marriottt.com/default.mi
[Accessed 25 April 2019].
Perlroth, N., Tsang, A. & Satariano, A., 2018. Marriottt Hacking Exposes Data of Up to 500
Million Guests. The New York Times, 30 Nov.
Reuter, C., 2015. Towards efficient security: business continuity management in small and
medium enterprises.. nternational Journal of Information Systems for Crisis Response and
Management, 7(9), pp. 69-79.
Shackelford, S. J., 2014. Managing Cyber Attacks in International Law, Business, and
Relations: In Search of Cyber Peace. Cambridge: Cambridge University Press,.
Snedaker, S., 2011. Business Continuity and Disaster Recovery Planning for IT
Professionals. Oxford: Butterworth-Heineman.
Van Der Vegt, G., Essens, P., Wahlström, M. & George, G., 2015. Managing Risk and
Resilience. Academy of Management Journal, 58(4), pp. 971-98.
ix
Bundy, J. P. M., Short, C. & Coombs, W., 2017. Crises and crisis management: Integration,
interpretation, and research development. Journal of Management, 46(6), pp. 1661-1692.
Coombs, T., 2013. Applied Crisis Communication and Crisis Management: Cases and
Exercises. London: Sage.
Crandall, W., Parnell, J. A. & Spillan, J. E., 2013. Crisis Management. London: Sage.
Estall, H., 2012. Business Continuity Management Systems: Implementation and
Certification to ISO 2230. Swindon: BCS, The Chartered Institute.
Forbes, 2019. Marriottt Breach Exposes Far More Than Just Data. [Online]
Available at: https://www.forbes.com/sites/davidvolodzko/2018/12/04/Marriottt-breach-
exposes-far-more-than-just-data/#345bf4e26297
[Accessed 28 April 2019].
Hacioğlu, .. Ü., 2018. Global Business Strategies in Crisis: Strategic Thinking and
Developmen. Munich: Springer.
Hern, A., 2018. Marriottt hotels: data of 500m guests may have been exposed | World .... The
Guardian, 30 Nov.
HighNetSecurity, 2019. Marriottt CEO reveals more details about the massive data breach.
[Online]
Available at: https://www.helpnetsecurity.com/2019/03/12/Marriottt-data-breach-details/
[Accessed 28 April 2019].
Kaplan, J. M., 2015. Beyond Cybersecurity: Protecting Your Digital Business. New Jerse:
John Wiley & Sons.
Marriott, 2019. About Us. [Online]
Available at: https://www.Marriottt.com/default.mi
[Accessed 25 April 2019].
Perlroth, N., Tsang, A. & Satariano, A., 2018. Marriottt Hacking Exposes Data of Up to 500
Million Guests. The New York Times, 30 Nov.
Reuter, C., 2015. Towards efficient security: business continuity management in small and
medium enterprises.. nternational Journal of Information Systems for Crisis Response and
Management, 7(9), pp. 69-79.
Shackelford, S. J., 2014. Managing Cyber Attacks in International Law, Business, and
Relations: In Search of Cyber Peace. Cambridge: Cambridge University Press,.
Snedaker, S., 2011. Business Continuity and Disaster Recovery Planning for IT
Professionals. Oxford: Butterworth-Heineman.
Van Der Vegt, G., Essens, P., Wahlström, M. & George, G., 2015. Managing Risk and
Resilience. Academy of Management Journal, 58(4), pp. 971-98.
ix
x
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
xi
1 out of 11
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.