INCIBE and SEGITTUR launch the first cyber security guide for the tourism and leisure sector

The National Cyber Security Institute (INCIBE), in collaboration with the State Company for Innovation Management and Tourism Technology (SEGITTUR), has created the guide “Cyber Security in the Tourism and Leisure Sector” aimed at promoting a secure digital transformation with guarantees, thereby addressing the main key cyber security aspects that affect the tourism sector in this change.

This is the first guide focused on cyber security in the tourism and leisure industry to be launched and is framed within the agreement that has been in place between INCIBE and SEGITTUR since May.

Carme Artigas, Secretary of State for Digitalisation and Artificial Intelligence, stressed the importance of implementing cyber security in all sectors of activity “and of it being a cross-cutting element in the new digital reality. Tourism is one of these sectors. A new digital tourism where cyber security is an essential element and where companies have sectoral mechanisms and services that enable them to raise their level of cyber security and their cyber resilience capacity.”

For his part, the Secretary of State for Tourism, Fernando Valdés stressed that “the sector finds itself in a process of digital transformation, and we must guarantee that during this period of change no one gets left behind. Our sector is especially automated, therefore this guide provides invaluable assistance to tourism companies, particularly SMEs, micro -enterprises and the self-employed, who will also need to introduce security measures to be as resilient as possible against possible cyber attacks.”

Public and principal threats

The Guide is aimed at national micro-enterprises, SMEs and the self-employed that offer services in tourist and/or leisure destinations, such as accommodation, hospitality, recreational activities and cultural attractions, as well as those that help visitors make use of these destinations, such as travel agencies and car hire companies, among others.

This document is also aimed at the technological service providers for these companies, who form part of the ecosystem, for raising awareness of and applying cyber security.

In this reference guide companies will find a characterisation of cyber security applied to the sector, detailing the technological dependence and digital security profile of the different companies. What’s more, they will have at their disposal an analysis of the principal cyber security threats to which they are exposed, as well as the principal aspects to be taken into account in terms of cyber security.

It also highlights the measures that need to be taken to protect information managed by companies in the tourism and leisure sector, with the aim of transmitting a positive image of the organisation to their customers and suppliers.

Collaboration between INCIBE and SEGITTUR

INCIBE and SEGITTUR signed a collaboration agreement in May 2021 to raise awareness within the tourism sector of cyber security issues. Both organisations are thus investing in improving cyber security and resistance to cyber security incidents in the tourism sub-sectors, such as travel agencies, hotel chains, car hire companies and tour operators.