Wynn Resorts, a high-end Las Vegas casino and hotel operator, last month admitted that it had become one of the latest hospitality businesses to fall victim to a cyberattack.cyberattack.
In the incident – which originally occurred in September 2025 – prolific threat group ShinyHunters reportedly
stole 800,000 employee records containing sensitive information such as Social Security numbers and email addresses and demanded about $1.5 million in Bitcoin, threatening to release the data if the ransom was not paid.
The attack echoed similar ones on
MGM and
Caesars casinos in 2023 and a host of others in recent years against
Omni Hotels,
Disney,
Country Inn and Suites, and other high-profile and lesser-known hospitality businesses.
SecValMSSP – better known as
Security Validation – understands threats to such businesses better than many. The MSSP has a strong focus on the hospitality industry, counting thousands of hotels among its clients.
The company this week strengthened its capabilities through a partnership with
Stellar Cyber, which offers an AI-based SecOps platform to MSSPs and organizations with lean security teams. The platform delivers a range of security functions, including SIEM, extended detection and response (XDR), and SOAR, on a single framework.
Security Validation, which also has clients in industries such as healthcare, finance, and retail, will leverage Stellar Cyber’s platform to enhance its MSSP services with AI-powered detection, investigation, triage, and response capabilities that will be available to organizations in hybrid and cloud environments.
MSSPs' Challenge
It will address the growing MSSP challenge of reducing the mean time taken to identify active and potential threats, according to Security Validation CEO
David Durko. They struggle to find the right tool to help security operations analysts identify threats and hunt for “potential time bombs lying dormant on the client’s network.”
“Threat actors are now moving faster than ever delivering malicious payloads,” Durko told MSSP Alert. “The time it takes a managed security firm to identify these threats can be the difference between an isolated incident and a wide-scale security event. Stellar Cyber provides us with some of the fastest MTTIs [mean time to identify] the industry has to offer.”
Faster MTTI leads to faster mean time to remediation, he added.
Hospitality Businesses at Risk
Given how vulnerable hospitality businesses are to cyberattacks, such speed is important. Cybersecurity in the sector is a pressing concern, according to analysts with
LevelBlue subsidiary
Trustwave.
“Hotels, resorts, and travel service providers are often underprepared for the sophistication and persistence of modern cyber threats,” they
wrote in a report last year. “The decentralized nature of operations, frequent staff turnover, and reliance on third-party vendors further compound the risk.”
They added that “threat actors exploit these weaknesses through a variety of tactics, including ransomware attacks, social engineering schemes, data breaches, and attacks on IoT [Internet of Things] infrastructure.”
HBX Group, a B2B travel marketplace,
noted last year that “due to the vast amount of personal and financial data it handles daily, combined with increasing digitalization, cybercriminals are seizing new opportunities to attack this industry. ... Hotels will need to continuously strengthen their security measures to protect both their guests and their business, as the associated costs – especially regarding reputation loss and customer trust – could soar.”
Accelerating Detection, Remediation
Security Validation is aiming to do that through the Stellar Cyber partnership, which the MSSP said will not only speed up detection and remediation times, but also enable continuous validation of security controls, deliver outcome-based reporting for executives and board members, and ensure stronger, evidence-based compliance.
It also can be done at multi-tenant scale.
“Our customers no longer want the simple ‘set it and forget it’ delivery of services and products,” Durko said. “They demand measurable outcomes that can be reported to senior leadership and the board of directors. We observe many MSSPs who sell products to clients without any consideration of the specific outcomes that can be quantified and linked to business value.”
Organizations increasingly are requiring transparency and shared accountability to ensure that both they and their MSSPs are aligned on security goals.
“Clients are far more involved than ever before,” he said. “Boards are requiring monthly business reviews, where data extrapolated from Stellar Cyber provides deep-dive, detailed metrics and key performance indicators illustrating the value Security Validation brings to their business.”
Compliance an Issue
This also helps ensure compliance with regulations such as PCI DSS, HIPAA, and the U.K.’s Cyber Essentials, which set requirements for security coverage.
“In the past, monitoring network traffic coming in through the firewall into the network was a sufficient control,” the CEO said. “As requirements evolve, being able to monitor and protect east-west or lateral network traffic is critical. Real-time monitoring of traffic from the point of ingress as it traverses the network is no longer a luxury service but rather mandatory to protect a client’s infrastructure and applications.”
With the Stellar Cyber partnership, Security Validation analysts get a holistic view of the network from the firewall to the endpoint, correlating relevant data points such as logs from operating systems, applications, network devices, and endpoint and managed detection and response tools.
