top of page

The East tourism industry re-opens but cyber criminals are not taking a break

Tourism re-opens across the whole of the East of England this week and what better time to celebrate a diverse and exciting sector, as the tourism industry starts to re-open after lockdown. Yet it comes with a strong warning from the Eastern Cyber Resilience Centre (ECRC), which is advising businesses to stay safe this summer due to the rise in cybercrime.

The Cyber Security Breaches Survey 2021 reports that 39% of business in the last 12 months have reported cyber security breaches or attacks. And with English tourism making up 80% of the UK’s visitor economy, it certainly looks like there’s plenty of scope for cyber criminals to do their worst.

More than £7,316 million was spent across the East’s tourism industry in 2019, and with hopes that the figure will increase this summer, Detective Superintendent Paul Lopez is the director for the ECRC, and advises tourist operators that improving their cyber resilience is now more imperative than ever to keeping their business safe.

Paul said: “Organisations working in tourism, leisure as well as hospitality are increasingly becoming targets of cybercriminals and in fact, face a unique set of challenges compared to other sectors.

“Hotels, for example, provide a huge scope of opportunity for attacks, as vast amounts of data is constantly being collected. Whether it’s highly sensitive and valuable information on their customers, to managing large supply chains and financial transactions, any vulnerability in software systems is what these criminals are looking to sabotage.”

And it’s not just hotels, millions of people will be making their bookings online and entrusting their personal information and payment details to private holiday-letting providers, holiday parks, guest houses and many more tourist hotspots. It is therefore crucial these SMEs have cybersecurity measures in place to not only protect themselves but also their customers’ details.

Businesses are encouraged to join the organisation to improve their cyber resilience and awareness, with free core membership offering regular cyber updates and hint and tips such as the following recommendations from Detective Superintendent Lopez:

  • Back up your data regularly and keep it separate from main systems

  • Use strong and unique passwords and avoid using the same one for multiple accounts

  • Enable two-factor authentication to make it impossible to get into an account with a password alone

  • Check all devices (including mobiles) have been installed with the latest software updates

  • Secure your Wi-Fi network

  • Invest in cyber security training sessions for you and your staff

  • Keep auditing your security practices

Businesses can find out more information about the centre and how to get involved at To keep updated with all the latest ECRC developments, follow @EasternCRC on Twitter and LinkedIn and sign up here to receive the ECRC newsletter.


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the East is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page