Palladium Hotel Group: Building a Human Firewall in the Hospitality Sector

The challenge: protecting sensitive guest data in a digital-first industry

With more than 50 years of experience and 40 hotels across six countries, Palladium Hotel Group manages highly sensitive client information every day.

The growing digitalization of operations, increasingly strict regulations, and the exponential rise of cyberattacks placed additional pressure on the company to strengthen its defenses. For Palladium, addressing the human factor became a strategic necessity to ensure the highest levels of protection for guests and the business.

The solution: automated awareness, training, and risk monitoring

Palladium Hotel Group selected Kymatio® to automate human cyber risk management and to transform its employees into the first line of defense against cybercrime.

The solution included:

• Cloud-based awareness platform to improve employees’ alertness to phishing, ransomware, and social engineering.
• Personalized awareness and training programs tailored to each employee’s risk profile.
• Advanced risk metrics providing real-time insights into strengths and weaknesses across the workforce.
• Credential breach monitoring to proactively detect exposure of employee accounts.
• Phishing simulations customizable by group or department to measure and reduce vulnerability.
• Compliance support with regulatory frameworks including GDPR, ISO, DORA, NIST, and CISA.

“The human factor remains critical in security breaches. By incorporating people into its security strategy, Palladium Hotel Group is at the forefront of organizations that understand the importance of human cyber risk management.”
— Fernando Mateus, CEO, Kymatio®

The impact: stronger culture, compliance, and competitiveness

By working with Kymatio®, Palladium Hotel Group achieved a strategic shift:

• Employees are now prepared and engaged to face growing cyber threats.
• The company can measure and improve awareness levels with advanced dashboards and metrics.
• Compliance with strict data protection regulations (GDPR and beyond) is streamlined.
• Administrative workload for IT and security teams has been reduced thanks to automation.
• The initiative supports the creation of a proactive security culture across the organization.

“Working with human risk is complex and requires deep expertise. With Kymatio®, we gained advanced metrics, innovative functionalities, and the ability to align our efforts with the real needs of our people.”
— Francisco García Lázaro, Corporate Information Security Sr. Director, Palladium Hotel Group

Results at a glance

• 85% increase in employee readiness against phishing and social engineering attacks.
• 60% reduction in administrative effort for IT and security teams thanks to automation.
• 100% alignment with regulatory compliance (GDPR, ISO, DORA, NIST, and CISA).