“The tourist industry, and hotels in particular, is targeted by cyber criminals”, agree Vicente Costa, founder and manager of the corporate technology services firm Infinitel, and Diego Pagadigorria, sales manager at MatErh, a company specialising in risk management. These two specialists in protecting businesses against external attacks took part in the Panel of Experts on Cybersecurity organised by Diario de Ibiza.
In the opinion of Mr. Costa, “cybersecurity covers a number of procedures such as backup copies, risk management methods, training, insurance and technology, which can be used to protect data stored on connected computer equipment, software applications, networked systems and information transmitted and stored digitally”. The purpose of cybersecurity is to guarantee the availability, integrity and confidentiality of those data.
Mr. Pagadigorria stresses that “cyber attacks are among the greatest risks faced by businesses, so they need to have robust IT security systems”. But if a cyber attack takes place “they need broad insurance cover, so it is essential to take out cyber-risk policies”.
Both experts agree that technology is basic in helping firms to protect themselves against external threats, but they stress that “the main breaches of security stem from human errors caused by a lack of awareness and training”.
To cover the possibility of cyber attacks, the sales manager of MatErh recommends that businesses take out cyber-risk insurance that can “protect the company, offset financial losses, determine the cause of the attack and help recover activity”. The founder of Infinitel adds that “the consequences of such attacks can be devastating for organisations”.
Accordingly, both experts assert that companies need an all-round strategy that extends to the management team and all employees.
In the hotel business such strategies are not always in place, because, in the words of Mr. Pagadigorria, “the tourist industry is a highly attractive target for cyber criminals: it handles large amounts of personal data, is seasonal in nature and involves a large number of commercial transactions”.
Mr. Costa agrees that hotels on Ibiza and Formentera are targets for cyber attacks, and reports that Infinitel has recently solved cases of identity theft involving phishing at banks, email ransom scams by people purporting to be technicians from a major IT company, and even cases of extortion.
Diego Pagadigorria states that “attacks are becoming more and more sophisticated and dangerous, because they involve data theft and denial of service, which may result in the paralysing of activities, fraudulent use of information and reputational damage”.
In conclusion, the experts consider the fundamental factors at firms, particularly hotels and tourist businesses, to include awareness, training for all employees, the hiring of cybersecurity services and the taking out of customised insurance to enable them to react to attacks and re-establish their activities as soon as possible.
Breaches of security can prove highly expensive
Diego Pagadigorria, sales manager of MatErh, says that there are two kinds of business: those which have already been attacked by cyber criminals and those which are about to be. His company therefore works to identify, analyse and assess potential cyber-risks with a view to proposing the best preventive technological solutions and insurance policies tailored to the needs identified. Such policies kick in as soon as a security incident is detected. Not having insurance can lead to firms incurring major expenses such as computer forensics, legal costs, data retrieval costs, notification expenses, corporate image restoration, etc.
Source: Diario de Ibiza