News that BA could face a fine of £800m due to a cybersecurity breach in 2018 accentuates the threat of cyber-attacks for travel and tourism companies.

Travel companies now deal with myriads of personal customer data and as more travellers purchase products and services online, the tourism sector becomes at risk of even more severe and sophisticated cybersecurity threats. GlobalData’s emerging technology trends survey 2020 (B2B) identified that only 55% of tourism executives fully understood cybersecurity, 33% only ‘partially’ understood, and 12% did not at all. In the same survey, cybersecurity was also ranked as the second most critical technology to help a company survive during Covid-19, demonstrating its importance for all industries operating in the tourism sector.

Cyber ignorance can create significant risks regarding company profitability, security, and reputation. 2020 was a whirlwind of a year for the tourism sector due to Covid-19 and any negative news that could impact brand image would be detrimental to future revenues and recovery. Companies should be heavily investing in cybersecurity to not only protect their customers now but to help increase customer confidence in travel’s recovery.

Airlines invest heavily in cybersecurity but still face risks

Airlines and airports were identified as the heaviest investors in cybersecurity in GlobalData’s technology theme investment intensity survey in comparison to other tourism industries. Recent cyber-breaches experienced by BA and easyJet demonstrate that the aviation industry is still under threat and is being targeted.

BA was criticised by the Information Commissioner’s Office on its cybersecurity strategy in 2018 but has since stepped up its game in replacing legacy infrastructures, using Cloud-based services and general cybersecurity investment. Instead of the initial fine of £183m being enforced in 2018, BA was fined £20m in October 2020 due to the financial strain on the company caused by the pandemic. Recent investigation declared that victims could now be compensated up to £2,000 for the displeasure caused. With details of approximately 400,000 customers jeopardised, the total bill could be £800m.

Breaches post-Covid-19 could cause further damage to traveller confidence

News of infections, recessions, quarantines and travel restrictions have all caused significant grievances for traveller confidence during Covid-19. The news that passenger and personal data may increasingly be at risk from cyber-attacks will only further decimate traveller confidence going forward.

Tourism companies need to be doing their utmost to ease these growing apprehensions by investing properly in cybersecurity software, as well as creating comprehensive security strategies that also train staff in cybersecurity, so employees can track, trace, and identify a cyber-threat when it occurs.

Latest reports from


Or to search over 50,000 other reports please visit

GlobalData Report Store

GlobalData is this website’s parent business intelligence company.