Cyber Crime Impacts Under-appreciated in Hospitality Sector

13 /Feb

UK Food and hospitality businesses were those spending least on cybersecurity measures in the 2018-19 period, despite the sector having increased its expenditure on cybersecurity by 20%. [1]

A Specops Software report[2] shows the sector’s food and hospitality businesses committed only £1080, on average, to their cybersecurity – way below the £22,050 average of financial and insurance firms and even less than that of entertainment, services and membership organisations (£1940).

This situation is surprising and alarming, as hospitality giant, Marriott International was fined £99m in July 2019, for breaching GDPR regulations, with this making big headlines. The travel and tourism sector’s top 30 Apps have also proved weak, in terms of security and privacy protection.

Another incident led to data files, including 0.2 million unsecured audio files of conversations with customers, being breached at Teletext Holidays, where sufficient cyber security measures were in place.

Audio files are the new holy grail for cyber criminals, even though ’vishing’ is currently a far lesser-known social engineering tactic than phishing[3].  If accessed, audio files can be manipulated to facilitate fraudulent transactions, with a criminal mimicking the voice of a director to request money transfers out of the business’s account into one set up fraudulently. Significant sums can be stolen this way.

Currently, vishing comprises only 1% of cyber crime cases, but there has been a 350% increase in six years and when Artificial Intelligence (AI) is more widely available, this type of crime is likely to increase. AI facilitates voice impersonations and can also create conversations between individuals that may not have occurred.  Additionally, it can fuel fake news, potentially ruining companies’ reputations.

CRM systems have long been the cornerstone of hospitality and food business marketing, so are ‘jackpots’ for criminals seeking information on booking patterns, birthdays, bank and credit card details, and more.  The greater a cyber criminal’s knowledge of a target, the more likely their ability to carry out an attack or a scam. Such data also commands a good price when being sold on to dark web operators.

Cyber insurance is something any commercial business should consider if they determine they are potentially at risk.  The annual cost is surprisingly low, despite the considerable benefits and protection provided.  Talking to an insurance broker about how to best protect against cyber crime, and discovering how a policy could give you access to specialist IT support, is an action well worth taking.  Various levels of protection exist and it is important to get what is right for your individual business.

If you need help in finding someone to assist with this, please get in touch.

 

[1] https://www.scmagazineuk.com/hospitality-spends-least-cyber-security-shows-sector-by-sector-report/article/1667375

[2] https://www.foodmanufacture.co.uk/Article/2019/11/20/Food-firms-invest-least-in-cyber-attack-security

[3] https://www.infosecurity-magazine.com/opinions/ai-voice-impersonation/

FPS867

You will be redirected to the Equipsme website.

Click here to learn more

Keep up to date with industry developments.

Read all industry news articles

You will be redirected to the Browne Jacobson website.

Video from Browne Jacobson Lawyers
Erimus Insurance Brokers

Erimus Insurance Brokers is a trading name of Teesside Insurance Consultants Ltd.
Registered in England No. 2043783. Authorised and regulated by the Financial Conduct Authority No. 307660.
Directors: P.J. Davison, S.D.E. Hughes, I. Miller ACII, S.S. Pinnell. Non Executive Director: G. Lumby MBE, FCIBS. Company Secretary: C. L. Nolan.

Copyright © 2020 Erimus Insurnace Brokers. All rights reserved.
Privacy Policy   /  Terms of Business   /  Cookies Policy   /  Disclaimer   /  Complaints

Designed by happyleaves.com