Finding your nearest brokers...

Latest News

UK Businesses operating in the sectors of food and hospitality have been shown

Is the hospitality sector prepared for Cyber Crime

Jan 2020

UK Businesses operating in the sectors of food and hospitality have been shown to be the firms that spent least on cybersecurity between 2018-19, despite a 20% increase in outlay on cybersecurity by this part of the UK business spectrum compared to the previous year.[1]

A report by Specops Software[2] reveals this worrying situation, highlighting how food and hospitality businesses spent an average of £1080 on cybersecurity during this period. This contrasts with a spend of £22,050 by businesses in the financial and insurance industries and even £1940 by those in the world of entertainment, services and membership provision.

The figures are alarming given that Marriott International was fined £99m in July 2019, having breached GDPR regulations. The top 30 leading Apps in the field of travel and tourism have also been proven to be weak when it comes to security and privacy protection.

Another travel business – Teletext Holidays – allowed its data to be breached, with the data that it had left unsecured including 0.2 million audio files, comprising calls between the business and its customers, according to

This type of data is one few businesses consider, with ’vishing’ being a much less well-known phrase than phishing[3]. However, audio files, in the wrong hands, can assist fraudulent transactions, with this being the latest form of social engineering. Here, a third party mimics the voice of a CEO or director and requests that a staff member transfers money out of one account into their own. In this way, fraudsters manage to get their hands-on significant sums.

Although vishing currently occurs in just 1% of cyber crime cases, there has been a 350% increase in six years and the trend is likely to continue with the arrival of Artificial Intelligence (AI). AI facilitates voice impersonations, making it easier to get employees to do what is asked of them. However, it can also abet blackmail attempts, by purporting to play conversations between individuals. It can also ruin companies’ reputations, by becoming the fuel behind fake news (Info Security magazine).

Hospitality and food businesses, that have long practised customer relationship management, based on knowing customers and their booking patterns and preferences inside-out, are goldmines of data for cyber criminals. All the efforts to build strong relationships with customers to generate repeat bookings and business, could result in a cyber attack that exposes data. This could include birthdays, booking patterns, bank details and more - all rich pickings for hackers wishing to know as much as possible about individuals, either to carry out their own crimes, or wanting to sell data to organisations operating within the dark web.

Cyber insurance is something any commercial business should consider if they determine they are potentially at risk. Policies can offer considerable benefits and layers of protection. Talking to an insurance broker about how a business can be best protected by cyber insurance, and how cover could also provide access to specialist IT support, is an important conversation to schedule. Different policies offer different types of cover and benefits and a business should be buying what is best for its own circumstances and the data resources it manages.

To find an insurance broker who can help you be a hospitality or food business that is taking the threat of cyber crime as seriously as they should, please use our ‘Find a Local Broker’ tool.