Marriott Hotels: Internal Security Change

Communication Piece – Internal Security Change Message

In today’s world, security is one of the primary concerns for large organizations, and Marriott Hotels are no exception. At Marriott, we believe that our most critical goal is to ensure that customers can experience the high quality of service in our properties without needing to worry about anything else. Thus, Marriott is committed to earning our customers’ trust back by implementing a comprehensive organizational change targeting information security in our hotels and properties.

We will write a
custom essay
specifically for you

for only $16.05 $11/page
308 certified writers online
Learn More

The data breach that occurred in November 2018 in Starwood reservations showed us that the previous information security system applied in our properties was outdated and had significant gaps, which impacted its ability to prevent cyber attacks. As a result of the attack, the perpetrators received access to the personal details of many customers who stayed at the affected properties. The investigation results showed that the effects of the breach have been fully contained by now and that all affected persons have been notified about the risk.

The investigators also identified the technical errors that allowed the leak to happen. While fixing these errors allowed restoring our security system and ensuring the safety of all current customers, Marriott is willing to go beyond that to implement a change to promote security at all levels of the organization.

The first step towards enhancing Marriott’s information security is to review the current IT systems for gaps and address them in full. To achieve this goal, we have created a team of IT security experts who will perform an internal audit of our current system and implement changes to make sure that Marriott has state-of-the-art security in all of its properties. The panel of experts will also assist Marriott in designing a plan for implementing a culture change, which will be the second step in the change process.

From our experience, a culture of security is a critical component of the plan for protecting customer data, as it promotes compliance and establishes security as the top priority of the organization. The HR Director will communicate the need for cultural change and the plan for achieving it to all our properties to prevent gaps and noncompliance. Training in information security will be the third step of the change process, with every Marriott employee using our information system receiving skills and knowledge necessary to maintain security and prevent data leaks. While the vast majority of our employees have completed training in information security, this is still necessary to ensure compliance with the updated information security plan.

We expect that the steps above will make Marriott properties more safe and secure for our customers than ever before, and we are committed to ensuring that the change process is fully transparent. If you would like to know more about the upcoming changes, use the e-mail address below to send your inquiry. You can also use these contact details to share your concerns about the change or to find out more about the recent security breach. We assure you that information security is among the top priorities of Marriott and that your stay in our properties will be safe and comfortable.

Analysis of a Media Piece

Establishing transparent communication with customers following a security breach is critical to regaining their trust and containing the impact of the incident. After first announcing a security breach in November 2018, Marriott provided an update on the investigation and the change process that followed the event in January 2019. The present section of the paper will analyze this communication piece to determine whether or not it fulfills the goal.

Get your
100% original paper
on any topic

done in as little as
3 hours
Learn More

The primary audience of the news release is Marriott’s guests, who may or may not have been affected by the security breach announced in November. The media piece was published in the news center on the company’s official website, and thus all external stakeholders have access to it. The primary goal of the communication was to show that the investigation process is fully transparent, the effects of the incident were contained, and that all those affected or at risk will receive full support from the company. To achieve this goal, the report provides information about the changes that took place in Marriott with regards to information security following the breach.

First of all, the news provides an update on the number of people involved in the breach and gives further details of the incident. Marriott International (2019) states that “approximately 383 million records as the upper limit for the total number of guest records that were involved in the incident” and that the information leaked included passport numbers and payment cards (para. 5). By providing information about the incident, Marriott shows its commitment to gaining back customers’ trust and addressing the mistakes that led to the breach. Transparency is an essential component of communication following a damaging incident, as it improves the company’s image and prevents panic among customers (Jennings, 2018). Therefore, the first part of Marriott’s message serves the purpose well.

Besides providing an update on the investigation process, Marriott also identified some of the changes in information security that have already been implemented. For example, Marriott International (2019) reports that the Starwood database that was the source of the breach was discontinued, which means that all properties now use Marriott’s system. This piece of information serves two separate purposes: to reassure customers that staying with Marriott is safe not and to identify that the breach was not caused by gaps in the company’s information security system. Hence, this section of the message helps to restore Marriott’s image that has been damaged as a result of the incident.

The last part of Marriott’s news release serves to explain the guest support services offered as part of the change efforts following the breach. Marriott International (2019) provides information about a dedicated website and call center for guests who are concerned about the security of their personal information, as well as details about the free web monitoring service to identify identity theft. By establishing these changes and notifying the public about them, the company fulfills its corporate social responsibility (CSR).

Hovav and Gray (2014) explain that maintaining the customers’ privacy is part of companies’ CSR, and so is providing remedying services to stakeholders who are at risk due to data breaches and leaks. Thus, the final portion of the news release shows that Marriott is determined to fulfill its CSR and shows the company’s interest in helping those who might have been affected by the incident.

Overall, the communication piece analyzed in this section fulfills Marriott’s goals about change communication. It creates a sense of transparency by providing full information about the incident and shows that the plans for containing the effects of the breach have been implemented successfully. Furthermore, the piece supports Marriott in fulfilling its corporate social responsibility by detailing the services available to customers at risk. Based on the analysis, the change communication provided by Marriott is effective and assists in remedying the company’s reputation.

Annotated Bibliography

Hovav, A., & Gray, P. (2014). The ripple effect of an information security breach event: A stakeholder analysis. CAIS, 34(50), 893-912.

We will write a custom
for you!
Get your first paper with
15% OFF
Learn More

This scholarly article considers information breach events from the perspective of various stakeholders involved, focusing on passive stakeholders. Hovav and Gray (2014) explain how this type of incident is perceived by various stakeholders, including vendors, customers, hackers, and the wider community. The authors stress the importance of corporate social responsibility in the context of information security, stating that it helps companies to prevent and address such events. The article also provides some recommendations on communicating with stakeholders after a security breach, emphasizing the importance of transparency.

Jennings, H. (2018). Communications Lessons from Marriott’s data breach announcement. PR News. Web.

In this Article, the author examines Marriott’s security breach and the events connected to it from the perspective of crisis communication. The text offers a brief summary of the incident and the reports provided by Marriott following the breach. Jennings (2018) explains that in its communication with the press and customers, Marriott shows commitment to transparency. However, the author criticizes the company’s decision to withhold the information about the breach for almost two months, stating that it might affect Marriott’s reputation.

Marriott International. (2019). Marriott provides update on Starwood database security incident. Web.

This source is a news release by Marriott International providing an update on the security breach that occurred in November 2018. The company offers information about the number of persons affected and the types of records accessed by the perpetrators. The piece also explains the company’s efforts to remedy the issue by providing support services to those at risk and strengthening the information security system.


Hovav, A., & Gray, P. (2014). The ripple effect of an information security breach event: A stakeholder analysis. CAIS, 34(50), 893-912.

Jennings, H. (2018). Communications lessons from Marriott’s data breach announcement. PR News. Web.

Marriott International. (2019). Marriott provides update on Starwood database security incident. Web.

Need a
100% original paper
written from scratch

by professional
specifically for you?
308 certified writers online
Learn More
Print Сite this

Cite this paper

Select style


StudyCorgi. (2021, April 2). Marriott Hotels: Internal Security Change. Retrieved from

Work Cited

"Marriott Hotels: Internal Security Change." StudyCorgi, 2 Apr. 2021,

1. StudyCorgi. "Marriott Hotels: Internal Security Change." April 2, 2021.


StudyCorgi. "Marriott Hotels: Internal Security Change." April 2, 2021.


StudyCorgi. 2021. "Marriott Hotels: Internal Security Change." April 2, 2021.


StudyCorgi. (2021) 'Marriott Hotels: Internal Security Change'. 2 April.

Copy to clipboard

This paper was written and submitted to our database by a student to assist your with your own studies. You are free to use it to write your own assignment, however you must reference it properly.

If you are the original creator of this paper and no longer wish to have it published on StudyCorgi, request the removal.

Psst... Stuck with your
assignment? 😱
Psst... Stuck with your assignment? 😱
Do you need an essay to be done?
What type of assignment 📝 do you need?
How many pages (words) do you need? Let's see if we can help you!