This website uses cookies to store information on your computer. Some of these cookies are used for visitor analysis, others are essential to making our site function properly and improve the user experience. By using this site, you consent to the placement of these cookies. Click Accept to consent and dismiss this message or Deny to leave this website. Read our Privacy Statement for more.
Travel and Hospitality ISAC

The Travel and Hospitality Information Sharing and Analysis Center (Travel and Hospitality ISAC) was created at the request of several hospitality Chief Information Security Officers, in order to have a place where they could confidentially share information about security threats, best practices, security management, and solutions with the greater travel industry.

The Travel and Hospitality ISAC is funded by an additional fee paid by eligible HTNG members, and other partner organizations.  To participate in the Travel and Hospitality ISAC, you must be an eligible member of HTNG or the OpenTravel Alliance (OTA) in good standing, sign and adhere to a non-disclosure agreement, and serve in a non-sales, information security oriented role within your respective organization.  Access to certain information channels or events related to the Travel and Hospitality ISAC may be restricted based on member type.

Eligible HTNG or OpenTravel Alliance (OTA) member types include:

  • Travel supplier members (Item 3 in the Member Policy) of HTNG or OTA
  • Consultant members (Item 4 in the Member Policy) that do not primarily sell security related services
  • HTNG Industry Partner members (Item 7 in the Member Policy) that do not primarily sell security products, services, or related materials

HTNG members that primarily sell security products, services, or related materials may sponsor certain activities within the Travel and Hospitality ISAC, but are not be eligible for membership.  HTNG staff may request additional information to verify that applicants do not primarily sell security related products or services.  Travel and Hospitality ISAC member applicants may appeal membership decisions to the elected leadership of the Travel and Hospitality ISAC.

Partners (Item 6 in the member Policy) and Individual Allied Members (Item 5 in the Member Policy) may participate as a guest in certain circumstances, as approved by HTNG staff. HTNG reserves the right to deny or revoke any membership to the Travel ISAC without refund, if the individual or corporation uses the membership for commercial gain.

Forum membership is limited to senior travel industry information security executives and their teams. Normally the Chief Information Security Officer (CISO), or the person(s) filling that role, represent their company, but they may bring support staff to face-to-face meetings. An annual fee of $1,500 per company is assessed for participation, and members pay nominal fees to attend face-to-face meetings.

For information on joining the Forum, please contact HTNG. 

Unlike other HTNG efforts, meetings and communications are carried out under a mutual nondisclosure agreement and are made available only to participants whose companies have signed an identical mutual nondisclosure agreement.

The ISAC held its first face-to-face meeting in May 2014 and plans to meet approximately twice a year going forward. It maintains a listserve and slack channel for rapid communication on emerging or evolving threats, conducts regular surveys of its members on key issues, and can mobilize conference calls when real-time security threats arise.

Companies currently participating include:

  • AccorHotels
  • AEG Worldwide
  • Best Western International
  • Caesars Entertainment
  • Carlson Rezidor Hotel Group
  • Choice Hotels
  • Delaware North Corporation
  • Event Hotels
  • Fairmont Raffles Hotels International
  • Firmdale Hotels
  • Four Seasons Hotels & Resorts
  • Hard Rock Hotels
  • Hilton Worldwide
  • Hyatt Hotels Corporation
  • InterContinental Hotels Group
  • Interstate Hotels & Resorts
  • Jumeirah Group
  • Kalahari Resorts
  • La Quinta Inns & Suites
  • Loews Hotels
  • Mandarin Oriental Hotel Group
  • Marriott International
  • Melia Hotels International
  • Montage Hotels & Resorts
  • Omni Hotels
  • RCI Travel
  • Red Planet Hotels
  • Sage Hospitality
  • White Lodging
  • Wyndham Hotel Group


Jason Stead

VP, Enterprise Security, Privacy & Corporate IT
Choice Hotels International

Ben Vaughn

Hyatt Hotels Corporation