Why cybersecurity is a key theme in the travel industry

GlobalData has analysed the impact of cybersecurity on the travel and tourism industry, highlighting the details in a recent webinar. Jasleen Mann reports. 

In a recent webinar led by Nick Wyatt, head of research and analysis for travel and tourism at GlobalData, found that cybersecurity was a key theme being considered by companies in the industry.  

Polling by GlobalData indicates that 63% of respondents say they believe that cybersecurity is already a big theme that people in the travel and tourism sector are engaging with. 

Cybersecurity has also increased in mentions in company filings by a significant amount, with 3,934 mentions in 2021, an increase from 1,105 mentions in 2016.

Cybersecurity training for airports and airlines is key, and once completed it should be revisited regularly.

GlobalData shares that recruitment under the theme of cybersecurity can be seen in the travel and tourism ecosystem.

The top ten companies identified for hiring for cybersecurity in travel and tourism between January 2020 and November 2022 include Deutsche Lufthansa and Wizz Air, showing the topic is key area for the big names in the aviation industry.

Cybersecurity training for airports and airlines is key, and once completed it should be revisited regularly, to ensure knowledge remains current enough to deal with potential threats effectively. There have been numerous examples of cybersecurity threats in the aviation industry where customers have been impacted.

Cyberattacks in aviation

In 2018, a large-scale data breach impacted 380,000-500,000 British Airways customers. The data breach compromised login details, payment card details, and travel booking details, while credit card details were also logged by the attackers as they were being entered by customers. This went undetected for more than two months. 

According to Jake Moore, global cybersecurity advisor at eset, when people use airlines’ websites, “they tend to only use the login page twice a year on average”.

For this reason, they are “more than likely” to use the same password that they use for other accounts, as opposed to creating new login details. As a result, this increases the possibility of a data breach being impactful.

Airports also face cybersecurity threats, with recent examples including the British Airways data breach and an issue with the Bradley International Airport website.

Bradley International Airport suffered a DDOS cyberattack in March 2022. Credit: Bradley International Airport

The Bradley International Airport website event was an example of how a distributed denial-of-service (DDOS) attack can take place, involving multiple machines focused on crashing one website.

This particular threat was resolved without serious impact, as many airports and airlines put in mitigation techniques to deflect these threats.

The world became more dependent on online communication and online payment systems during the Covid-19 pandemic and the adoption of technology considerably accelerated. However, cybersecurity threats have always existed, and it is important for companies to priorities mitigation techniques.

GlobalData has emphasised the sense of urgency from companies in terms of cybersecurity as a theme. Cybersecurity includes technologies, processes and practices which protect networks, computers, programs and electronic.

In terms of cybersecurity, GlobalData tracks deals, patents filings, patent ownership, mentions, job trends and social media. The key theme is a growing focus on cybersecurity tools in order to protect personal data from attack, damage or unauthorised access.