Skip to main content
Tourism Security and cyber threat

Tourism security in an age of cyber threats

postedJanuary 27, 2019

by Dr. Peter Tarlow

Regardless of one’s role in the tourism industry, the safety of clients and staff has to be the No. 1 priority.

Over the nearly two decades since 9/11, the tourism world has known multiple threats and challenges, from airline to hotel security, and from road accidents to issues of crossing international borders. It is fair for clients to pose the question: How has your business adapted to an ever-changing world?

Unfortunately, and despite repeated warnings, many who work in the tourism industry still do not understand that leisure travel is an expendable industry, and there is nothing that can destroy the industry’s reputation more effectively than a lack of security or safety. Despite the best public relations and marketing, no amount of PR can restore a ruined vacation and lost memories due to a client’s physical or emotional distress. Although customers well understand that there is no such thing as total travel safety, there is much that the industry can do to promote a safe and secure visit for its guests.

In today’s world of cyberattacks and instantaneous social media, it is essential to dispel the idea that tourism security is static. Wise tour planners review policies and assumptions on a regular basis. They also realize that what may have been safe a week ago may not be safe next week.

That means contingency plans must be updated on a regular basis and security plans must show adequate flexibility to incorporate good customer service and proper protection. For example, the latest threat to the industry was underlined by the hacking of Marriott International’s Starwood database, potentially exposing the personal information of approximately half a billion people. According to news reports, unauthorized access to customers’ personal information may well have been occurring since 2014.

This cyberbreach serves as an example that the world of tourism security is fast-changing.

Most customers might assume that major tour companies are doing everything possible to safeguard their clients’ privacy. So when there is a successful attack, how does a business regain customer trust? Here are a few questions regarding security management—both physical and cyber—that everyone who works in the tourism industry should ask about a business plan.

Do you have a plan?  It is essential that every tourism entity assume that, at some point, it will suffer some form of attack, whether physical or cyber. Do not wait for an attack to occur to begin to figure out how to mitigate the damage. Remember that an attack not only damages the client, but it also harms the entire industry.

How do you deal with the media?  The media may not always reflect an accurate picture of a data breach or tourism tragedy. All social media and post-cyberattack plans should include not only caring for impacted clients but also doing careful work with media outlets so that they have full access to—and will report—accurate information concerning the cyberbreach.

Are you telling the truth?  As bad as the crime may be, larger disasters occur when businesses do not tell the truth. Once it becomes clear that there is a cover-up, the victimized business has managed to lose customer confidence twice: once due to the tourism tragedy or data breach and then again to an unwillingness to tell the truth.

How will your business rebuild confidence?  Nothing hurts a tourism company more than the lack of timely and accurate information. For example, airlines have lost a great deal of credibility due to poor and inaccurate information given to their passengers. After any tourism crisis, customers are rightly upset and feel vulnerable. Make sure to publicize in as many ways as possible how your business is helping these victims. Let the victims know that they are not alone and that you have a plan to aid them in whatever way possible.

Not that many years ago, tourism security experts worried about such micro-aggressions as room invasions, personal robbery or pick-pocketing. These problems should not be minimized, and in many parts of the world they are still major issues. Nevertheless, they have now morphed into macro-aggressions—large-scale acts of violence and cybertheft—and their consequences vibrate throughout the world of tourism.

Dr. Peter Tarlow is an international speaker, author and consultant in the field of tourism security and business development. He can be reached by email or at +1.979.764.8402.

Confront the Risk

by Jeffrey Ment

NTA members, including tour operators, suppliers, hotels, destinations and attractions, all stand to benefit from the economic impact from traveler spending. For instance, U.S. Travel Association statistics report that “direct spending by resident and international travelers in the U.S. averaged $2.8 billion a day” and that traveler spending supported a total of 15.6 million American jobs.

To continue to reap the rewards of a booming travel trend, however, NTA members must focus on safety and security. From a legal perspective, companies have an obligation to be aware and be prepared. The stark reality for all of us is that, at any moment, some adverse security event can occur. We can’t bury our heads in the sand. Rather, we need to assess and prepare.

To do this, NTA members should devise a strategy, starting with assembling the appropriate personnel to spearhead a safety and security team. While this can certainly be managed in-house, there also are companies, such as Global Rescue, that offer these services.

In the aftermath of tragedy, often times, victims and families look to place blame, and NTA members might be in the line of fire for an eager plaintiff’s attorney. Companies could be peppered with questions about what information they had, or more significant, did the company even ask any questions about the safety and security of the destination. We need to be prepared.

Not surprisingly, we often learn from past events. As has been reported, travel giant Tui came under intense scrutiny after more than 30 of its guests were killed outside the Imperial Marhaba hotel in Tunisia.

It turned out that Tui wanted to increase security at the hotel but was afraid that its guests would be frightened by the presence of armed guards. The company was forced to admit that it was aware of an elevated terror risk in the area but that it did not want to alarm either staff or guests. Then, after the attack, Tui found itself ensnarled in litigation and inquests.

Stories like this need to be avoided. Confront the risk: Be prepared, have a plan and execute it as needed.

Jeffrey Ment is a travel attorney with more than 27 years of experience representing all facets of the industry.

Top photo by Jeff Quire