Wiz Defend is Here: Threat detection and response for cloud

Hotel giant IHG Hotels & Resorts enjoys comprehensive cloud visibility across the globe

Wiz streamlines IHG Hotels & Resorts’ risk remediation process by automatically identifying and prioritizing risks and enabling stakeholders to fix cloud vulnerabilities themselves.

IHG

Industry

Travel And Transportation

Region

Global

Cloud Platforms

AWS
GCP
Kubernetes
Ready to start?
Get a demo

Challenge

  • IHG Hotels & Resorts’ cloud security team had to routinely log in to multiple clouds, consult numerous stakeholders, and use various technical resources to build a picture of their cloud environments. 

  • IHG’s global cloud migration program led to the creation of a complex multi-cloud environment. The organization needed to maintain agility while securing this growing cloud footprint.  

  • IHG’s central security team needed to work closely with development teams across 18 individual IHG brands globally, so they could understand and remediate the cloud risks each sub-company faced. 

Solution

  • IHG now enjoys comprehensive and real-time visibility across its global cloud estate. 

  • IHG’s cloud security team empowers stakeholders to remediate cloud risk autonomously using Wiz.  

  • IHG has a single source of truth and a standard language to describe cloud risk, both of which enable security teams to partner more efficiently with global business units to remediate risk. 

A global hospitality brand creating a pioneering digital-security operation

IHG Hotels & Resorts (IHG) is one of the world’s leading hotel companies, with 18 individual brands, and more than 6,000 hotels and 911,000 guest rooms throughout 100 countries. It is a member of the FTSE 100 index and has one of the world’s most robust hotel loyalty programs. 

“Creating digital advantage” is a core goal of IHG’s corporate strategy. The company defines this as using digital technology to both transform the guest experience and ensure the operational efficiency of its hotels. Recent achievements in this area include: 

  • The rollout of IHG’s innovative mobile app, which accounts for 58% of bookings 

  • A next-generation payments system 

  • A 24/7 customer care text messaging service 

  • The migration of 20% of customer contacts to digital channels, reducing pressure on hotel teams 

IHG has placed security at the heart of its drive to create digital advantage. Its strategy is one of enablement with security guardrails. During the past five years, IHG has transformed its digital security operation from a bare-minimum, compliance-driven function to one that’s industry-leading and forward-looking. 

Eradicating slow, laborious, and high-risk manual processes 

IHG’s cloud migration program is well ahead of its competitors, having decommissioned its last data center in 2022. But this transition has triggered new challenges. The sheer size, complexity, and global spread of IHG’s operations meant the group’s centralized security function, which works with the company’s 18 brands, struggled to achieve sufficient visibility across its new public and private cloud environments. 

Establishing visibility is really the first step in the cloud security journey. That’s what we lacked–the ability to provide visibility across our multi-cloud environment.

Steve Perry, VP of Security Technology and Architecture, IHG Hotels & Resorts

Security teams were expected to constantly toggle between clouds, consult different consoles, and consolidate data to laboriously build a picture of what was happening across the group’s many companies and cloud environments. Manual multi-cloud visibility simply wasn’t practical, according to Kyle Koza, Director of Vulnerability Management and Application Security at IHG: “When you're a multi-cloud organization, it becomes untenable to log into each different platform, look at each different configuration, [and] know what the different terminology is between them.” 

This manual approach not only proved to be slow and labor-intensive, it also increased IHG’s likelihood of overlooking security vulnerabilities. 

Steve Perry, VP of Security Technology and Architecture at IHG, says “Without a tool like Wiz to centralize visibility, we had to work with multiple teams across regions to understand what was going on and what controls were or weren’t in place.” 

This meant working with different companies within the IHG group, each with its own intake processes and portals, which Perry’s team had to log in and out of every time they conducted a security task. Each individual company also had its own IT team with their own language to describe cloud risk, further adding to this complexity.  

Automatically identifying and prioritizing cloud vulnerabilities 

IHG primarily chose Wiz because of its multi-cloud security capabilities, especially in the areas of vulnerability and cloud configuration management. Wiz was also quick and easy to deploy and was able to support IHG’s cloud environments in China. 

Wiz’s ability to dashboard information and search for issues across multiple clouds is great. It enables us to drill down quickly into different platforms and projects to identify vulnerabilities and cloud misconfigurations.

Kyle Koza, Director of Vulnerability Management and Application Security, IHG Hotels & Resorts

Once the IHG cloud security team had experienced the comprehensive visibility Wiz provides, it rolled the solution out across its entire cloud estate. Perry and his team were also impressed by Wiz’s ability to prioritize vulnerabilities and trigger automatic remediation flows. 

“We’re now enabling stakeholders to remediate risks themselves,” explains Perry. “Wiz’s user interface is so intuitive that stakeholders can check in themselves, see the challenges in their environment, prioritize the risks, and then resolve those issues with autonomy, rather than waiting for our centralized team to provide a remediation plan.” 

Perry’s team now benefits from a single view of IHG’s complete cloud estate across those 18 global brands. It no longer needs to laboriously log in and out of individual portals. This has increased efficiency, visibility and speed of remediation. 

IHG also integrated Wiz with ServiceNow, so the solution can identify vulnerabilities and automatically send tickets directly to the relevant teams and track an issue to resolution. 

Meanwhile, Perry and his team use Wiz to establish and monitor developer guardrails. Rather than blocking new code, IHG has established security standards and patterns for developers. If they deviate from agreed ways of working, Wiz automatically alerts the IHG cloud security team. 

The comprehensive cloud visibility provided by Wiz not only accelerates and streamlines the remediation cycle, it also enables IHG to identify spun-down resources and deprovision them, saving precious budget and significantly reducing the company’s attack surface. 

Having that full visibility across our multi-cloud environment has saved us significant time and resources, reducing the burden on my team. We no longer have to go to multiple teams and technical resources to get answers and complete remediations. We’re able to centralize that activity into one platform and technology.

Steve Perry, VP of Security Technology and Architecture, IHG Hotels & Resorts

Business enablement through automatic vulnerability remediation 

IHG is now considering building on its successful partnership with Wiz by using the solution to protect its cloud container workloads and roll out auto-remediation. According to Koza, this capability would enable his team to drive down remediation, reduce risk, and further enable the IHG business. 

“Having established visibility across our multi-cloud environment, I’m really looking forward to the next step, which is exploring how we use Wiz to automatically remediate issues as they pop up,” says Koza. 

Get a personalized demo

Ready to see Wiz in action?

“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Greg PoniatowskiHead of Threat and Vulnerability Management