The future of the travel & tourism industry will be shaped by a range of disruptive themes, with cybersecurity being one of the themes that will have a significant impact on airline companies. A detailed analysis of the theme, insights into the leading companies, and their thematic and valuation scorecards are included in GlobalData’s thematic research report,Cybersecurity in Travel and Tourism – Thematic Research. Buy the report here.
Cybersecurity is the body of technologies, processes, and practices designed to protect networks, computers, programmes, and electronic data from attack. The travel and tourism industry is highly exposed to attacks due to the wealth of personal data it stores.
Cybercriminals are attracted to this wealth of sensitive, personal data that the travel industry holds on every traveller. If these data points are not well protected, there are significant risks for the customers, who could have their data stolen. Such breaches can damage a company’s reputation. Several high-profile companies within the sector have made negative headlines due to poor cybersecurity. Cybercriminals exploit the vulnerabilities within a cybersecurity strategy, so a rigorous approach is central to effective risk management. To tackle cyber threats, a company’s cybersecurity strategy must involve contingency planning, outlining immediate actions, post-breach responses, and an understanding of the company’s current cyber risks.
The travel and tourism sector is becoming increasingly digitised, embracing emerging technologies such as artificial intelligence (AI), the Internet of Things (IoT), and cloud. As the digital ecosystems of companies grow, they become more vulnerable to cyberattacks. The industry is fragmented, with direct suppliers sharing data with third-party intermediaries, increasing the number of potential entry points for attackers to exploit. Data is most secure when all companies across the travel and tourism value chain invest in all layers of the cybersecurity value chain. Collaboration is vital, and companies must ensure that all of their vendors also have suitable measures in place. It takes only one vulnerable device to compromise an entire network, impacting the reputation of a business and damaging both the companies they work with and customers’ security.
However, not all companies are equal when it comes to their capabilities and investments in the key themes that matter most to their industry. Understanding how companies are positioned and ranked in the most important themes can be a key leading indicator of their future earnings potential and relative competitive position.
According to GlobalData’s thematic research report, Cybersecurity in Travel & Tourism, leading adopters include: easyJet, Ryanair, Qantas, Southwest Airlines, Turkish Airlines, Qatar Airways, United Airlines Holdings, China Eastern Airlines and LATAM Airlines.
Insights from top ranked companies
easyJet suffered a breach in May 2020, compromising data from nine million customers. The company has since created a data and cyber risk governance structure to review data and the cyber risk landscape regularly. This involves a dedicated information security team, employee education and awareness programme, security logging and monitoring, vulnerability scanning, penetration testing, and ongoing compliance with GDPR requirements.
In 2015, United Airlines suffered a data breach linked to a group of China-based hackers that compromised flight information and passenger details. The company has safeguarded internal network systems through risk assessments, system monitoring, information security policies, and employee awareness. The company received an A on the UpGuard security ratings, suggesting it has good security practices. Emily Heath, the United Airlines CISO from 2017 until 2019, said in 2019 that educating employees and being transparent about security and threats while embracing creative solutions was key to United Airlines’ cybersecurity philosophy.
To further understand the key themes and technologies disrupting the travel and tourism industry, access GlobalData’s latest thematic research report on Cybersecurity in Travel & Tourism.
- Delta Air Lines
- Air France KLM
- Southwest Airlines
- American Airlines Group
- China Southern Airlines
- Air China
Frequently asked questions
1. Why are Travel & Tourism companies investing in cybersecurity?
Travel & Tourism companies are investing in cybersecurity to protect their customers' personal data and prevent cyberattacks. The industry is highly susceptible to cyberattacks due to the large amount of personal data collected during bookings and the high dependence on IT systems. Cybersecurity investment helps companies maintain a secure environment and protect their reputation.
2. How do cyberattacks impact the Travel & Tourism industry?
Cyberattacks can have a significant impact on the Travel & Tourism industry, causing reputational damage and financial losses. The industry holds valuable personal data on every traveler, making it an attractive target for cybercriminals. Cyberattacks can disrupt operations, cause flight cancellations, and lead to data breaches, resulting in loss of customer trust and revenue.
3. Which Travel & Tourism companies are leaders in cybersecurity adoption?
Accor, Air Canada, Booking Holdings, Despegar, JR East Group, LATAM Airlines, Melia Hotels International, Southwest Airlines, United Airlines, and Qatar Airways are leaders in cybersecurity adoption in the Travel & Tourism industry.
4. Who are the leading vendors of cybersecurity to the Travel & Tourism industry?
Ekran Systems, F-Secure, ITSEC Group, TitanHQ, and VigiTrust are the leading vendors of cybersecurity to the Travel & Tourism industry.
5. How does increased investment in cybersecurity benefit Travel & Tourism companies?
Increased investment in cybersecurity benefits Travel & Tourism companies by protecting their customers' personal data, preventing cyberattacks, and maintaining a secure environment. It also helps companies avoid reputational damage and financial losses, and build customer trust.
6. What are the challenges with adoption of cybersecurity in Travel & Tourism?
The challenges with adoption of cybersecurity in Travel & Tourism include the high dependence on IT systems, the large amount of personal data collected, and the variety of entry points across the business. The industry is also constantly evolving, making it difficult to keep up with new technologies and stay ahead of cyberattackers.
7. What is the projected market size of cybersecurity in Travel & Tourism?
GlobalData forecasts that all three components of cybersecurity spending will grow in revenue between 2021 and 2025, with software generating the highest revenue and growing at a compound annual growth rate (CAGR) of 13.7% to reach $1 billion in 2025. Revenues from cybersecurity hardware and services will also continue to rise, growing at CAGRs of 10.2% and 5.2%, respectively.
8. Who are the leading specialist cybersecurity vendors in Travel & Tourism?
Ekran Systems, F-Secure, ITSEC Group, TitanHQ, and VigiTrust are the leading specialist cybersecurity vendors in Travel & Tourism.
9. What are the components of the cybersecurity value chain?
The components of the cybersecurity value chain include hardware, software, and services such as unified threat management, vulnerability management, application security, managed security services, risk and compliance services, post-breach response services, chip-based security, identity management, data security, email security, network security, threat detection and response, cloud security, and endpoint security.