skip navigation
skip mega-menu

How can the Travel & Tourism sector stay protected against Cyber Attacks?

By The North West Cyber Resilience Centre

Whilst lockdown restrictions are easing, you’re still vulnerable to attacks.

With the UK Government gradually easing lockdown restrictions this summer, the travel and tourism sectors are hoping to finally start recuperating from their losses, meaning a welcome return to the workplace for many within the sector. 

But with the expected surge in holidays in the UK this summer, could an overwhelming tourist demand blight the good cyber practices within these businesses? With such a drastic change to the ways businesses are now working, such as working from home, taking bookings and payments online. Does this leave businesses more vulnerable to attacks from hackers?

Concerns about the safety of corporate devices running on employee home networks or employees using their devices while working from home have been heightened recently. These concerns include businesses and their employees running the risk of letting their good practices in cyber-security become too relaxed, due to the notion of being outside an office environment.

Remember to backup your data

Back up your data either in the cloud or an external drive that isn’t connected to the network. Recovering your data should you become the victim of a ransomware attack is imperative to keep your business running.

Having backups stored securely and disconnected from your network ensures there is an air gap between your live data and the backup. If you can, encrypt that data backup, so you reduce the risk of your data becoming compromised. 

Make sure your staff can identify phishing emails

As phishing remains the most common type of cyber-attack and results in the largest financial losses for businesses. 

Phishing is a tactic used by criminals who try and trick you into clicking a bad link that can download malware or try to encourage you to hand over passwords or account details. 

  • No legitimate company will send emails using ‘’ or ‘’.
  • Look at the email address, not just the sender. Do they match?
  • Check the spelling and grammar, is the domain, name, senders name and signature spelt correctly?
  • Did you expect to receive the email or attachment? Don’t open an attachment unless you are fully confident that the message is from a legitimate contact or company.

When did you last update your passwords? 

Make sure you are using different passwords for different accounts you use, make life easier by using 3 random words when creating a new password. For example ‘greenfiredbuttercup’. 

Subscribe to our newsletter

Sign up here