The leisure and travel industry is targeted by cyber criminals for a number of reasons, including the personally identifiable data these companies handle and the large number of financial transactions they process. A successful cyber-attack can be reputationally and financially crippling, particularly for a business that relies on the trust of its clients.
Beyond anything stolen directly by criminals, an attack carries further, hard-to-quantify costs arising from any operational shutdown. Additionally, with Covid-19 increasing the number of people working from home, it is more important than ever to make sure that good cybersecurity practice is upheld to the highest standard. Insider threat is an important aspect of cyber security to consider: not necessarily because your employees are a threat in themselves, but because they can be a liability for the security of the business.
The Main Types of Insider Threat:
Malicious - A deliberate choice by a current or former employee to harm the company through its systems or data. This could be someone who is unhappy with their experience at the business, or someone with other criminal motivations, such as being part of an organised crime network.
Accidental - An unintentional exposure of data, for example through poor cyber hygiene, weak passwords, or falling for a social engineering scam.
Mitigating Insider Threat:
One of the best ways to mitigate insider threats is to instil and maintain an amicable working environment. This helps prevent disgruntled employees and encourages staff to respect the rules around appropriate use of technology. Having a thorough leavers' process, in which access is removed when employees leave the business, also makes it more difficult for a malicious insider attack to occur after their exit.
In terms of avoiding an accidental insider threat, the best form of prevention is education. If everybody within the organisation understands the most commonly occurring cyber threats, they are better able to recognise the warning signs to look out for. This is particularly relevant when it comes to avoiding phishing scams and ransomware, as well as targeted approaches from criminals willing to pay for insider access.
Thorough and enforced policy also has an important part to play. If people are aware of the rules about data sharing and know what information they can and cannot be expected to share over the internet, they will be more likely to stop and think when they receive a request to do something that falls outside their remit. Good working relationships also help with this, as people feel supported to raise any concerns they may have.
Furthering this, implementing policies such as a limit on the number of attachments that can be sent at one time helps to make sure that what is being sent is going out for a legitimate reason, and monitoring tools can be used to check that these policies are being followed. Staff should be made aware that their emails can be monitored, which encourages responsibility.
Additionally, implementing strict access controls to systems means that only the people who need to access these will be able to. In a physical office space, you could go further and have areas only accessible to those who need it, even using a safe for documents that are particularly valuable.
How Can the ECRC Help?
Joining the ECRC as a free member ensures that you and your staff are supported in making the small changes that have the biggest impact. When you join as a free member, you are automatically enrolled in our ‘Little Steps’ programme. This is a weekly email series that drip-feeds you bite-sized practical information, as well as changes you can implement quickly and easily, designed to be followed by a non-technical audience.
Additionally, the ECRC website can signpost you towards other free resources and tools that are available to help you improve your cyber resilience. If you feel as though you would like more thorough support, look at the affordable student services we offer. These can help you identify some of the potential vulnerabilities within your organisation if you are concerned about the security of your online systems.
One service to consider is our Security Awareness Training, delivered by students on the CyberPATH programme. Through CyberPATH, students are trained and supervised by senior ethical hackers to provide a selection of cyber services to businesses, which supports the future cyber talent pipeline and keeps costs to a minimum. Security Awareness Training can be delivered as either a full or half day and is tailored to the needs of its specific audience. It is designed to be contextually relevant and accessible for all abilities. SAT is also delivered by Police Cyber Protect officers, who provide their service free of charge over a few hours.
If you are unsure or simply want to know more about cyber resilience and what we do at the ECRC, why don’t you book a chat with us today?
Reporting a live cyber-attack 24/7:
If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress) please call Action Fraud on 0300 123 2040 immediately. This service is available 24 hours a day 7 days a week.
Reporting a cyber-attack which is not ongoing:
Please report online to Action Fraud, the UK’s national reporting centre for fraud and cybercrime. You can report cybercrime online at any time using the online reporting tool, which will guide you through simple questions to identify what has happened. Action Fraud advisors can also provide the help, support, and advice you need.
Alternatively, you can call Action Fraud on 0300 123 2040 (textphone 0300 123 2050).