Cyber security in the hospitality and travel industry

Butlin’s, British Airways and Stena have something in common: they have all experienced data breaches. How can you make sure you’re as secure as possible and able to respond to a hacking attempt?

The struggle for companies in this industry is the tension between needing to be at the cutting edge of new technology adoption and ensuring you store and manage customers’ data appropriately.

From integrating recommendation and review functionality, to reservation apps, live chat, online concierge services, loyalty schemes, Wi-Fi connectivity, voice technology, mobile payments, the additional ‘back office’ elements such as rota management, stock control, point of sale… the list goes on. 

It is immediately obvious how technology- and data-led organisations operating in this industry need to be to succeed.

Collecting and using data

Although these technologies undoubtedly help to ensure the customer has a good experience and can give businesses vast quantities of data and insight, they also provide cyber criminals with opportunities to hack huge volumes of valuable personal data.

It is therefore essential that you have adopted the relevant practices to reduce the risk of a data breach, and to know that you’re well placed to respond if you are hacked. If you’re not sure where to start, speak to one of our experts today.

The essential areas to consider:

The PCI DSS (Payment Card Industry Data Security Standard) applies to any organisation that processes, transmits or stores cardholder data. Although the PCI DSS has existed since 2004, data breaches involving cardholder data have revealed that the Standard has not been enforced or tested effectively. Are you certain that you’re compliant?

The EU GDPR (General Data Protection Regulation) superseded the UK Data Protection Act 1998 on 25 May 2018. It extends the rights of individuals to control how their personal data is collected and processed, and also places a range of new obligations on organisations to be more accountable for data protection.

Penetration testing – also known as ‘pen testing’ or ‘ethical hacking’ – is an effective way to determine the security of your networks and web applications. It is essentially a controlled form of hacking in which the ‘attackers’ operate on your behalf to find the sort of weaknesses that criminals exploit. Information is power, so by identifying your ‘weak spots’ you can prioritise efforts to protect your assets. 

Staff awareness training is crucial, with the biggest security threat often being internal – it is all too easy for employees to accidentally click on a phishing link, or download malware by opening a rogue attachment. Cost- and time-effective e-learning can help with this, equipping teams with the knowledge they need, and demonstrating that your organisation is acting responsibly.

ISO 27001 is the international information security standard. Achieving accredited certification to ISO 27001 equips organisations with the knowledge, procedures and processes to successfully manage information risks such as cyber attacks, hacks, data leaks and theft. ISO 27001 certification isn’t only for large organisations. Organisations of all sizes are seeing the benefits.

Browse our range of cyber security solutions

We have created a special selection of products to help you. If you have any questions, email us and one of the team will get back to you as a priority. 

PCI DSS Online Course, Staff Awareness Edition

This interactive e-learning course is designed to increase employees’ awareness of the PCI DSS’s requirements, and provide clear and simple explanations of what organisations and individual employees must do to meet the requirements of the Standard.

EU General Data Protection Regulation (GDPR) Data Protection Policy Template

Create your GDPR-compliant data protection policy in minutes with our easy-to-use and customisable template, developed by our expert GDPR practitioners.

Cyber Security Pocket Guide Bundle

Ideal for non-technical staff in all business functions, these quick and accessible guides give a swift understanding of the perils of poor information and cyber security. Available in e-book and print formats, the guides outline the principles and teach the good habits that are the bedrock of a sound cyber security policy.

Institute of Hospitality Business Partner

IT Governance has partnered with the Institute of Hospitality as an integral part of its shift towards supporting the hospitality, tourism and leisure industry. Through this partnership, we aim to make it easier for those in the industry to access our market-leading services.
