The infographic explains that peak travel and holiday seasons create ideal cover for cyberattacks, as higher traffic volumes coincide with spikes in DNS queries and DDoS activity. An analysis of the top 10 travel and hospitality companies found all had serious public-facing vulnerabilities, with 91% exposing non-production or internal servers, often due to cloud sprawl and weak governance. Man-in-the-middle risks, unintentionally public servers, and unmanaged test environments increase attacker entry points, while November showed the highest DDoS activity of the year. It highlights AWS, Google Cloud, and Azure as dominant providers and stresses the urgency of improving visibility, fixing exposed assets, and preparing for PCI DSS 4.0 requirements to protect customer data and maintain trust

Join for free to read