The growth of digital tourism and the use of technological tools in hotels, travel agencies, and entertainment services make the sector particularly vulnerable to cyberattacks. The National Cybersecurity Institute (INCIBE) has identified tourism as one of the strategic sectors that must strengthen its security systems to protect user data and ensure the functionality of its infrastructures. From ransomware attacks to personal data breaches, the threats are diverse and can severely impact customer trust.

INCIBE works to provide resources, guides, and technical assistance to companies in the tourism sector, helping them mitigate risks and adopt best practices in cybersecurity. These measures not only protect organisations but also strengthen customer confidence, as consumers are increasingly aware of the importance of securing their personal data.

Additionally, INCIBE offers incident response services and promotes collaboration among sector stakeholders to share information on emerging threats and innovative solutions.

For more information on how to protect the tourism sector, you can visit the INCIBE website.

The Hotel Technology Institute (ITH) has launched the Cyber Risk Guide for the hotel sector, designed to help tourist accommodations understand and manage cyber risks. This resource, developed as part of the Hotel SOC project and funded by the Ministry of Industry, Trade, and Tourism, provides information on the digital threats faced by the sector, the potential consequences of a cyber incident, and the preventive measures necessary to strengthen digital security.

Key Points of the Guide

1. Understanding Cyber Risks: The guide outlines the specific cyber threats facing the hotel sector, highlighting the importance of cybersecurity in protecting sensitive guest data and internal operations.
2. Preventive Measures: It provides recommendations on how to implement effective security practices, including the use of security software, staff training, and the establishment of digital security policies.
3. Resources and Tools: It offers a list of useful resources and technological tools that hotels can use to improve their cybersecurity.

Benefits for the Sector

Implementing these measures not only protects hotels from potential cyberattacks, but also strengthens customer trust by ensuring the security of their personal data. Additionally, the guide promotes a culture of digital security among employees, encouraging responsible and informed practices.

For more details and to download the full guide, visit ITH.

The tourism sector is experiencing a significant increase in demand for professionals with technological skills. According to recent data, the need to integrate digital tools and data analysis has led to a 30% rise in demand for technology experts over the past year. This digital transformation is essential for enhancing customer experience and optimising operations.

Technological Adaptation

Tourism companies are adopting new technologies to remain competitive. It is estimated that 75% of tourism businesses plan to increase their investment in technology over the next two years. This investment is focused on improving key areas such as data analysis, digital marketing, and cybersecurity.

Training and Skills

To address this growing demand, specific training programs have been developed. The most valued skills include data analysis, digital marketing, and cybersecurity. A recent report highlights that 60% of companies in the sector have begun training their staff in these areas to keep up with technological trends.

Impact on the Sector

The adoption of digital technologies has optimised operations and improved data-driven decision-making, enabling more personalised services. Additionally, digital transformation contributes to the sector’s sustainability through more efficient resource management. It is expected that technological integration will drive a 20% increase in the productivity of the tourism sector by 2025.

For more information, read the full article on the Galicia Tourism Cluster website.

Cybersecurity has become a priority for tourism businesses, as cyber threats constantly evolve and can severely impact operations. Implementing threat intelligence enables companies in the sector to identify, process, and analyse information about potential attacks, anticipating their impacts and protecting their systems.

Strategies and Protective Measures

• Sources of Information. Identifying and selecting relevant sources for the tourism sector is crucial. Platforms like Cyber Threat Alliance provide information on specific threats to connected devices in hotels and other tourist establishments.
• Analysis and Response. After identifying threats, it is vital to analyse the information and update security systems accordingly. Staff training is equally important to prevent fraud, such as identity theft on booking platforms.
• Continuous Evaluation. Companies should regularly review their intelligence sources and cybersecurity strategies to ensure they are effective. This includes adjusting processes and enhancing staff training to stay up-to-date with the latest threats.

Benefits for the Tourism Sector

Implementing a cyber threat intelligence programme based on standards such as ISO 27001 or NIST-800 not only protects sensitive company information but also improves their ability to respond to attacks. This is essential for maintaining customer trust and ensuring business continuity in an increasingly digital and connected environment.

Request your assistance in Cybersecurity for businesses!

OBJECTIVE
The Activa Cybersecurity program offers specialized and personalized advice to companies, aiming to analyze their current cybersecurity situation and develop a specific plan tailored to their needs.

PROGRAM
The program includes individual meetings with the business owner, technical audits, specialized remote work, and thematic group workshops to highlight the importance of cybersecurity in business strategy.

DURATION
Available until the budget credit is exhausted.

PREVIOUS REQUIREMENTS

• Companies classified as SMEs.
• Legally established and duly registered in the corresponding registry.
• Fulfill the requirements of Article 7 of Order ICT/819/2022, of August 12, and what is established in the Call document. (Regarding limitations due to debts, fiscal domicile, etc.).
• SME status. Companies that meet the requirements established for the category of micro, small, and medium-sized enterprises (SMEs) in Article 2 of Annex I of Commission Regulation (EU) No 651/2014. (Up to 250 workers and not exceeding 50 million in annual turnover).

GEOGRAPHICAL SCOPE

The Activa Cybersecurity program is available to companies across the national territory.

For more details and to start your application, please visit the following link or contact us directly.