National Tourism Week is taking place this week (22-31 May). And as the industry re-opens after lockdown, it comes with a strong warning from the South West Cyber Resilience Centre (SWCRC), a police-led, not-for-profit organisation, advising businesses to stay safe this summer due to the rise in cybercrime.
With a recent Airbnb report on trending staycation locations seeing six areas of Cornwall, Devon and Gloucestershire claiming top 10 listings, there’s a risk that they look like rich pickings for the criminals. Mark Moore, Director for the SWCRC advises tourist operators that improving their cyber resilience is essential.
“A recent survey suggested that around 25 per cent of small businesses would be unable to survive a cyber attack. Government statistics suggest that the average annual cost to a business hit by attack is over £8,000. We know that the tourist sector in particular has been enormously impacted by events of the last year, and many of its businesses have extremely limited resilience right now. That’s why we particularly want to ensure that they do the simple things that they can, to keep themselves safer.
“We know that cyber can sound difficult and complicated, and that’s precisely what we’re here to help you with. Sure, there are technical fixes to make you safer, but with a recent survey suggesting that 85% of breaches had a human element, just knowing what to look out for can go a very long way. Every month, we can offer a really good update on the latest threats to look out for, and we can give you clear national guidance about the quick things that will make you so much safer. And, then, if you do want someone to take a closer look at your systems and give them a health-check, our partnerships with regional universities mean that we can help you out in a very cost-effective way.
“Our tourist sector, let’s hope, is about to be as busy as it’s ever been. And it’s when you’re busy that mistakes get made. If a hotel system shuts down and it doesn’t know who’s booking in tonight, or a beachfront restaurant has its order details wiped, then it can be more than just a headache. You’ve so much business-critical data on your systems, because you operate a fast-moving world with regular turnover. We want to make sure that you can use this summer to focus on generating much-needed profit for your own businesses, and not to support the criminals.”
Simple national guidance would suggest that if nothing else, you start with the following basics. You can find a lot more detail on the SWCRC website.
- Make sure your email has a strong and separate password – don’t use it on any other accounts.
- Get used to using strong and unique passwords elsewhere too… you can save them in your browser, and don’t need to remember them yourself! We recommend using three random words… like pedalowavesbronzer. (Good luck cracking that one).
- Turn on two factor authentication – it makes it impossible to get into your accounts with a password alone. Google it if you want to find out more: it’s simple.
- Update your devices: updates are generally in response to a newly-identified vulnerability so if you want to remain vulnerable, don’t update. That’s simple too: and it applies to your mobile devices as well as your desktop.
- Back up your data, regularly, and keep it separate from your main system.
Businesses can sign up for free membership of the centre at www.swcrc.co.uk/membership, and get the basics in place to make themselves safer right now. After that, the team is there to help with any other cyber needs they might have, signposting them to affordable, accessible and reputable options, in a complicated world.
To keep updated with all the latest SWCRC developments, follow @southwestcrc on Twitter or LinkedIn.